fix: return user understandable response for request parse and validation

[hustxiayang]

Description

Motivation: Users complain they just got a 500 and None when they have bugs. There is not any useful information.
Thus, instead of returning nil, I think it's better to return some useful information and valid status code to users

I updated 3 places, other places I think it's totally controlled by ai-gateway, thus I feel it's ok to still return nil:

https://github.com/envoyproxy/ai-gateway/blob/a2ba2c9ed8e7488d6fd76dbcbe08ac7008170e5d/internal/extproc/processor_impl.go#L328C15-L329C55

ai-gateway/internal/extproc/processor_impl.go

Line 359 in a2ba2c9

if err != nil {

ai-gateway/internal/extproc/processor_impl.go

Line 368 in a2ba2c9

if err != nil {

ai-gateway/internal/extproc/processor_impl.go

Line 394 in a2ba2c9

if err != nil {

ai-gateway/internal/extproc/processor_impl.go

Line 435 in a2ba2c9

if err != nil {

after discussion, this place

ai-gateway/internal/extproc/processor_impl.go

Line 282 in 932c4e2

if err != nil {

should still return nil too as this is not real auth

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 83.29%. Comparing base (932c4e2) to head (8ebc785).

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1621      +/-   ##
==========================================
+ Coverage   83.26%   83.29%   +0.03%     
==========================================
  Files         137      137              
  Lines       12051    12069      +18     
==========================================
+ Hits        10034    10053      +19     
- Misses       1410     1411       +1     
+ Partials      607      605       -2     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[hustxiayang]

/retest

[mathetake]

You can't just return the internal error. That will expose the security risk and implementation detail. Imagine a SaaS service running this project. You have to explicitly define error type you want to return vs others.

[hustxiayang]

@mathetake could you please tell me why it's internal error? Suppose the user's input is not valid, and can not be unmarshaled? Why we can not return the error to users? Or you just mean I should change the error message and not to include the error?

[yuzisun]

@mathetake could you please tell me why it's internal error? Suppose the user's input is not valid, and can not be unmarshaled? Why we can not return the error to users? Or you just mean I should change the error message?

@hustxiayang we need to separate out the validation errors, process body can return other internal gateway errors which should not return immediate response.

[hustxiayang]

@mathetake @yuzisun Thanks a lot for your comments! This is only to return immediate response when the request is not parsable or not able to be processed. I reverted the changes in

ai-gateway/internal/extproc/processor_impl.go

Line 282 in 932c4e2

if err != nil {

, and make this one still return nil as this is not real auth. For other returns, they are still nil as in the description.