I created a Node.js based web application, running in an Azure Web App, that I wanted to put behind an Azure Active Directory authentication. After activating "App Service Authentication", the login process works normally, however upon returning to my app, it just returns a HTTP 431 "Request Header Fields Too Large".
To validate it's not my app, I checked the Azure web app sample for Node.js and even this returns a 431 when activating AAD.
Steps to reproduce:
Result: When opening the web app URL with a browser, it will show the log in process, following the process everything seems to work fine and the AAD returns to the application, however at that point it returns a HTTP 431.
Further tests:
Any ideas? Am I missing something?
Host your Node.js apps on a productive, flexible platform. Deploy your first Node.js app in minutes. Why Node.js on Azure? Easily deploy Node.js code to Azure from Visual Studio Code.
Run npm install on a Windows machine that has all the native module's prerequisites installed. Then, deploy the created node_modules folder as part of the application to Azure App Service.
In this quickstart, you'll learn how to create and deploy your first Node.js ( Express) web app to Azure App Service. App Service supports various versions of Node.js on both Linux and Windows.
By default, the total timeout in iisnode on Azure App Service is 200 * 250 ms = 50 seconds. This setting controls the directory where iisnode logs stdout/stderr. The default value is iisnode, which is relative to the main script directory (directory where main server.js is present)
This is a known issue since there is limitation with more recent versions of node that utilize a hard cap of 8KB for headers. EasyAuth adds some very large headers to the request, which can cause the node container to reject the request made by the middleware container with a 400. Read more about it here: This can be mitigated by setting the app setting WEBSITE_AUTH_DISABLE_IDENTITY_FLOW to true. This will remove one of the largest headers we add to the request. This header is generally only used by .NET Framework and Azure Functions apps, and so this setting should be safe.
If the issue still occurs, you can try with NodeJS 12 versions or increase the header size parameter: node server.js --max-http-header-size 81000
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With