The Brightcove access_token endpoint doesn't support CORS and requires the use of an Authorization header to retrieve an access token.
Thus, requests from web clients must be funneled through a server-based component which sets the Authorization header.
This is a quick and dirty implementation of an endpoint that supports retrieving an access token using express but is still compatible with the ASP.Net MVC based proxy contained in the connector VS Solution.
This endpoint listens to POSTs to localhost:3001/api/obtainAccessToken
With a recent version of nodejs installed:
npm install brightcove-auth-proxy
Then, to run:
use a process manager like PM2 to ensure the process continuously runs:
npm install pm2 -g pm2 start brightcove-auth-proxy
The auth proxy implementation uses a clientid/clientsecret defined in request objects, however, if one would rather define the clientid/secret on the server (and ignore the supplied id/secret in the request), use following environment variables:
CORS whitelisted domains and port can be controlled as well.
export BC_ClientId=clientid export BC_ClientSecret=clientsecret export BC_GrantType=clientsecret export BC_Whitelist=comma seperated domains export BC_Port=port number
The following environment variables control SSL:
export BC_SSL_Port=SSL port number export BC_SSL_Cert=path to ssl cert export BC_SSL_Key=path to ssl private key
To obtain a cert for local development, use openSSL:
openssl req -x509 -out localhost-3002.crt -keyout localhost-3002.key \ -newkey rsa:2048 -nodes -sha256 \ -subj '/CN=localhost:3002' -extensions EXT -config <( \ printf "[dn]\nCN=localhost:3002\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost:3002\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth") export BC_SSL_Cert=~/localhost-3002.crt export BC_SSL_Key=~/localhost-3002.key