Integrator backend service for speed.measurementlab.net. This service acts as a security boundary between the frontend client and M-Lab's token exchange service.
The service provides a single endpoint that:
- Exchanges the M-Lab API key for a short-lived JWT token via M-Lab's token exchange service
- Returns the JWT to the frontend client
The frontend then uses this JWT to access M-Lab's Locate API at
/v2/priority/nearest.
| Flag | Environment Variable | Default | Description |
|---|---|---|---|
-listen-addr |
LISTEN_ADDR |
:8080 |
Address to listen on |
-api-key |
API_KEY |
(required) | M-Lab API key for token exchange |
-token-exchange-url |
TOKEN_EXCHANGE_URL |
https://auth.mlab-sandbox.measurementlab.net/v0/token/integration |
URL of the token exchange service |
-allowed-origin |
ALLOWED_ORIGIN |
https://speed.measurementlab.net |
Allowed CORS origin |
Returns a JWT token for authenticating with M-Lab's Locate API.
Response:
{
"token": "<jwt-token>"
}Health check endpoint. Returns 200 OK with body ok.
gcloud run deploy speed-proxy \
--source . \
--region us-central1 \
--set-env-vars "API_KEY=mlabk.ki_xxx.secret" \
--allow-unauthenticatedAPI_KEY="mlabk.ki_xxx.secret" go run . -allowed-origin="http://localhost:3000"# Build
docker build -t speed-proxy .
# Run
export API_KEY="mlabk.ki_xxx.secret"
docker run -p 8080:8080 -e API_KEY speed-proxy