A missing Authorization header is reported with 400 instead of 401 status code when served by a route created using the declarative endpoint syntax.

To Reproduce

1. Create a simple endpoint using Endpoint(PathCodec.Get).header(HeaderCodec.authorization).
2. Send a request without Authorization header.
3. Get a response with 400 status code.

Expected Behaviour

According to the RFC, in such case a response should have 401 Unauthorized code:

The 401 (Unauthorized) status code indicates that the request has not
been applied because it lacks valid authentication credentials for
the target resource.