basic auth realm param (#715)

* test for quoted realm param value

* fix: quoted realm param value

* changelog entry

CHANGELOG.md

@@ -9,6 +9,7 @@ Unreleased changes are available as `avenga/couper:edge` container.
 
 * **Fixed**
   * Erroneously sending an empty [`Server-Timing` header](https://docs.couper.io/configuration/command-line#oberservation-options) ([#700](https://github.com/avenga/couper/pull/700))
+  * `WWW-Authenticate` header `realm` param value for [`basic_auth`](https://docs.couper.io/configuration/block/basic_auth) ([#715](https://github.com/avenga/couper/pull/715))
 
 ---
 

config/ac_basic_auth.go

@@ -1,6 +1,8 @@
 package config
 
 import (
+	"fmt"
+
 	"github.com/hashicorp/hcl/v2"
 	"github.com/hashicorp/hcl/v2/gohcl"
 	"github.com/hashicorp/hcl/v2/hclsyntax"
@@ -54,7 +56,7 @@ func (b *BasicAuth) Schema(inline bool) *hcl.BodySchema {
 func (b *BasicAuth) DefaultErrorHandler() *ErrorHandler {
 	wwwAuthenticateValue := "Basic"
 	if b.Realm != "" {
-		wwwAuthenticateValue += " realm=" + b.Realm
+		wwwAuthenticateValue += fmt.Sprintf(" realm=%q", b.Realm)
 	}
 	return &ErrorHandler{
 		Kinds: []string{"basic_auth"},

server/http_error_handler_test.go

@@ -85,8 +85,8 @@ func TestAccessControl_ErrorHandler_BasicAuth_Default(t *testing.T) {
 		return
 	}
 
-	if www := res.Header.Get("www-authenticate"); www != "Basic realm=protected" {
-		t.Errorf("Expected header: www-authenticate with value: %s, got: %s", "Basic realm=protected", www)
+	if www := res.Header.Get("www-authenticate"); www != `Basic realm="protected"` {
+		t.Errorf("Expected header: www-authenticate with value: %s, got: %s", `Basic realm="protected"`, www)
 	}
 }