diff --git a/auth.py b/auth.py
index 11a2113b4..c41561016 100644
--- a/auth.py
+++ b/auth.py
@@ -200,11 +200,17 @@ def _get_luci_context_access_token(env, now):
   if expiry:
     try:
       expiry_dt = datetime.datetime.utcfromtimestamp(expiry)
+      logging.debug(
+        'local_auth: got an access token for '
+        'account "%s" that expires in %d sec',
+        account_id, (expiry_dt - now).total_seconds())
     except (TypeError, ValueError):
       authErr('Invalid expiry in returned token')
-  logging.debug(
-      'local_auth: got an access token for account "%s" that expires in %d sec',
-      account_id, expiry - time.mktime(now.timetuple()))
+  else:
+    logging.debug(
+        'local auth: got an access token for '
+        'account "%s" that does not expire',
+        account_id)
   access_token = AccessToken(access_token, expiry_dt)
   if _needs_refresh(access_token, now=now):
     authErr('local_auth: the returned access token needs to be refreshed')
diff --git a/tests/auth_test.py b/tests/auth_test.py
index 565fe30a7..d34647f0e 100755
--- a/tests/auth_test.py
+++ b/tests/auth_test.py
@@ -45,12 +45,13 @@ class TestGetLuciContextAccessToken(auto_stub.TestCase):
 
   def test_correct_local_auth_format(self):
     self._mock_local_auth('dead', 'beef', 10)
-    expiry_time = datetime.datetime.min + datetime.timedelta(minutes=60)
+    expiry_time = datetime.datetime.min + datetime.timedelta(hours=1)
     resp_content = {
       'error_code': None,
       'error_message': None,
       'access_token': 'token',
-      'expiry': time.mktime(expiry_time.timetuple()),
+      'expiry': (expiry_time
+                 - datetime.datetime.utcfromtimestamp(0)).total_seconds(),
     }
     self._mock_loc_server_resp(200, json.dumps(resp_content))
     token = auth._get_luci_context_access_token(