Hi all!
I've just started with Kotlin and Ktor and I'm setting up a server with JWT authentication.
I want the server to respond with a 401 code and a relevant message when the token is incorrect. For example, if the claim userId is missing then I would like to have a response saying "Claim 'userId' is missing". I don't think it's currently possible in Ktor and I would like to add it to Ktor.
Can any of you offer some insight into whether (a) this is a good feature and (b) how I would go about adding this?
The Java library that parses the JWT returns useful information in an exception, but this information is then discarded and an empty UnauthorizedResponse is sent. I think the solution is to add this information to the UnauthorizedResponse as a response body.
Jeremy Guijt
03/25/2020, 4:14 PM
Does anyone think that this is a good/bad idea? Or should I make an issue on GitHub?
Shawn
03/25/2020, 4:19 PM
it’s not like, intrinsically useful imo, for most inter-service communication I’d rather just have the called service log the error and then return the 401 normally