From 88d2a93e21387a9b59825ba0941c67904d2c7a6e Mon Sep 17 00:00:00 2001
From: Sven Strittmatter <sven.strittmatter@iteratec.com>
Date: Wed, 14 Feb 2024 16:16:13 +0100
Subject: [PATCH] Improve Error Message on Failed attachment of Finding

The original code does not provide the causing error, which makes
it dificult to debug the problem.

- Add first adding loggign capabilities via SLF4J.
- Log the failed attempt of attaching a finding as eror w/ original
  exception message.
- Pass the causing exception to the exception we rethrow to preserve
  the full stack trace.

Signed-off-by: Sven Strittmatter <sven.strittmatter@iteratec.com>
---
 pom.xml                                                     | 6 ++++++
 .../defectdojo/service/DefaultImportScanService.java        | 5 ++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 135e1196..e138e583 100644
--- a/pom.xml
+++ b/pom.xml
@@ -122,6 +122,12 @@
             <version>${com.fasterxml.jackson.version}</version>
         </dependency>
         <dependency>
+          <groupId>org.slf4j</groupId>
+          <artifactId>slf4j-api</artifactId>
+          <version>2.0.11</version>
+        </dependency>
+
+      <dependency>
             <groupId>org.projectlombok</groupId>
             <artifactId>lombok</artifactId>
             <version>1.18.30</version>
diff --git a/src/main/java/io/securecodebox/persistence/defectdojo/service/DefaultImportScanService.java b/src/main/java/io/securecodebox/persistence/defectdojo/service/DefaultImportScanService.java
index e082a5ef..00bb63bd 100644
--- a/src/main/java/io/securecodebox/persistence/defectdojo/service/DefaultImportScanService.java
+++ b/src/main/java/io/securecodebox/persistence/defectdojo/service/DefaultImportScanService.java
@@ -11,6 +11,7 @@
 import io.securecodebox.persistence.defectdojo.model.ScanFile;
 import lombok.Getter;
 import lombok.NonNull;
+import lombok.extern.slf4j.Slf4j;
 import org.apache.http.HttpHost;
 import org.apache.http.auth.AuthScope;
 import org.apache.http.auth.UsernamePasswordCredentials;
@@ -40,6 +41,7 @@
 /*
  * https://defectdojo.security.iteratec.dev/api/v2/oa3/swagger-ui/#operations-tag-import-scan
  */
+@Slf4j
 class DefaultImportScanService implements ImportScanService {
   private static final List<HttpMessageConverter<?>> HTTP_MESSAGE_CONVERTERS = List.of(
     new FormHttpMessageConverter(),
@@ -123,7 +125,8 @@ public String getFilename() {
       final var payload = new HttpEntity<MultiValueMap<String, Object>>(body, headers);
       return exchangeRequest(endpoint, payload);
     } catch (HttpClientErrorException e) {
-      throw new PersistenceException("Failed to attach findings to engagement.");
+      log.error("Exception while attaching findings to engagement: {}", e.getMessage());
+      throw new PersistenceException("Failed to attach findings to engagement.", e);
     }
   }