Add input validation to SIWA private key prompt

[josefaidt]

Is this related to a new or existing Amplify category?

auth

Is this related to another service?

n/a

Describe the feature you'd like to request

Add input validation for SIWA private key (PKCS8 PEM format) prompt, preventing developers from adding the social provider and mitigating failed push attempts. Currently providing an invalid value (example: fakeprivatekey) will allow a successful update to the local auth resource only to error on push for HostedUIProvidersCustomResourceInputs, and pointing developers to check the CloudWatch logs for this Lambda callout. This log will display the error:

CREATE_FAILED      HostedUIProvidersCustomResourceInputs Custom::LambdaCallout      Fri Sep 03 2021 13:32:00 GMT-0500 (Central Daylight Time) Received response status [FAILED] from custom resource. Message returned: See the details in CloudWatch Log Stream: 2021/09/03/[$LATEST]1f507a017e90478c88299b19bf549fe6 (RequestId: 4a841311-2d06-454e-8a93-bd360059c76c)

AWS Amplify Admin UI has input validation built into the form used to add SIWA social signin, preventing developers from providing an invalid value. By adding this input validation it will also align DX across Admin UI and the CLI.

Describe the solution you'd like

When providing an invalid private key value such as fakeprivatekey CLI should prevent the developer from continuing until a valid private key value (PKCS8 PEM format) is supplied, similar to how the validation error is supplied when adding an APNS notification:

? Choose authentication method used for APNs Key
? The bundle id used for APNs Tokens:  fakebundleid
? The team id used for APNs Tokens:  faketeamid
? The key id used for APNs Tokens:  fakekeyid
? The key file path (.p8):  /fake/key/path.p8
>> file path must be valid

Example:

Select the identity providers you want to configure for your user pool: Sign in with Apple
  
 You've opted to allow users to authenticate via Sign in with Apple. If you haven't already, you'll need to go to https://developer.
apple.com/account/#/welcome and configure Sign in with Apple. 
 
 Enter your Services ID for your OAuth flow:  fakeserviceid
 Enter your Team ID for your OAuth flow:  faketeamid
 Enter your Key ID for your OAuth flow:  fakekeyid
 Enter your Private Key for your OAuth flow:  fakeprivatekey
>> Private key must be valid

Describe alternatives you've considered

n/a

Additional context

No response

Is this something that you'd be interested in working on?

• 👋 I may be able to implement this feature request
• ⚠️ This feature might incur a breaking change

[sebsto]

At least document the format required for the private key. At the moment, the iOS doc does not even mention that part of the CLI.
Developers have to guess if the CLI expects a path or a base64 encoded key. No clue

https://docs.amplify.aws/lib/auth/social/q/platform/ios/#launch-social-web-ui-sign-in

[sebsto]

Added an issue on the doc project to document the expected inputs aws-amplify/docs#4678

[sebsto]

Other issues because of this
#9478
#8939 (comment)

[sebsto]

What worked for me was to enter the p8 file content on one single line

Example
-----BEGIN PRIVATE KEY-----MIGT....ogty6P-----END PRIVATE KEY-----%