Jeremy Guijt

03/25/2020, 8:26 AM
Hi all! I've just started with Kotlin and Ktor and I'm setting up a server with JWT authentication. I want the server to respond with a 401 code and a relevant message when the token is incorrect. For example, if the claim
is missing then I would like to have a response saying "Claim 'userId' is missing". I don't think it's currently possible in Ktor and I would like to add it to Ktor. Can any of you offer some insight in whether (a) this is a good feature and (b) how I would go about adding this? The Java library that parses the JWT returns useful information in an exception, but this information is then discarded and an empty UnauthorizedResponse is sent. I think the solution is to add this information to the UnauthorizedResponse as a response body.
Does anyone think that this is a good/bad idea? Or should I make an issue on Github?


03/25/2020, 4:19 PM
it’s not like, intrinsically useful imo, for most inter-service communication I’d rather just have the called service log the error and then return the 401 normally

Casey Brooks

03/25/2020, 4:20 PM
Maybe you could use the Status Pages feature to catch the generic exception and respond with the appropriately-formatted response?
💯 1


03/25/2020, 4:20 PM
was gonna say, you have the option of configuring this yourself, basically