From d161ad38a8948b088b29035855a3a475dd9cf24b Mon Sep 17 00:00:00 2001
From: hsiegeln <37154749+hsiegeln@users.noreply.github.com>
Date: Sun, 12 Apr 2026 15:33:57 +0200
Subject: [PATCH] fix: log deserialization failures on log ingestion endpoint

Spring's default handler silently returns 400 for malformed payloads
with no server-side log. Added @ExceptionHandler to catch and WARN with
the agent instance ID and root cause message.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../server/app/controller/LogIngestionController.java  | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/LogIngestionController.java b/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/LogIngestionController.java
index 53443cde..fa2acf68 100644
--- a/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/LogIngestionController.java
+++ b/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/LogIngestionController.java
@@ -15,6 +15,8 @@ import org.slf4j.LoggerFactory;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.http.converter.HttpMessageNotReadableException;
+import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -94,6 +96,14 @@ public class LogIngestionController {
         return ResponseEntity.accepted().build();
     }
 
+    @ExceptionHandler(HttpMessageNotReadableException.class)
+    public ResponseEntity<Void> handleDeserializationError(HttpMessageNotReadableException ex) {
+        String instanceId = extractAgentId();
+        log.warn("Log ingestion from instance={}: failed to deserialize request body: {}",
+                instanceId != null ? instanceId : "unknown", ex.getMostSpecificCause().getMessage());
+        return ResponseEntity.badRequest().build();
+    }
+
     private String extractAgentId() {
         Authentication auth = SecurityContextHolder.getContext().getAuthentication();
         return auth != null ? auth.getName() : null;