oidc-exchange: reflow

Signed-off-by: William Woodruff <[email protected]>

Author: woodruffw

oidc-exchange.py

@@ -10,6 +10,21 @@
 
 _GITHUB_STEP_SUMMARY = Path(os.getenv("GITHUB_STEP_SUMMARY"))
 
+_TOKEN_RETRIEVAL_FAILED_MESSAGE = dedent(
+    """
+    OIDC token retrieval failed: {identity_error}
+
+    This generally indicates a workflow configuration error, such as insufficient
+    permissions. Make sure that your workflow has `id-token: write` configured
+    at either the workflow or job level, e.g.:
+
+    ```yaml
+    permissions:
+      id-token: write
+    ```
+    """
+)
+
 
 def die(msg: str) -> NoReturn:
     with _GITHUB_STEP_SUMMARY.open("a") as io:
@@ -75,23 +90,8 @@ def get_normalized_input(name: str) -> str | None:
 
 try:
     oidc_token = id.detect_credential(audience=oidc_audience)
-except id.IdentityError as exc:
-    die(
-        dedent(
-            f"""
-            OIDC token retrieval failed: {exc}
-
-            This generally indicates a workflow configuration error, such as insufficient
-            permissions. Make sure that your workflow has `id-token: write` configured
-            at either the workflow or job level, e.g.:
-
-            ```yaml
-            permissions:
-              id-token: write
-            ```
-            """
-        )
-    )
+except id.IdentityError as identity_error:
+    die(_TOKEN_RETRIEVAL_FAILED_MESSAGE.format(identity_error=identity_error))
 
 # Now we can do the actual token exchange.
 mint_token_resp = requests.post(