JAVATEL Inc.株式会社ジャバテル
HomeResourceSlimeTree-RLMMetaGatewaySetup

Gateway setup guide ― Meta App + Claude key + nginx

Get Meta login working in 3 steps. Takes ~30 minutes, no billing, no Meta App review required (just public_profile + email).

Step 1. Create an app on Meta for Developers

1Sign in to developers.facebook.com (a personal Facebook account is fine). My Apps → "Create App"

2Choose use case: "Authenticate users with Facebook Login and request data" (no review required).

3App name = JAVATEL RLM Gateway (anything), enter a contact email, business portfolio optional.

4Left sidebar: open "App Settings" → "Basic" and copy the App ID (this is your META_APP_ID).

5"Add Platform" → "Website", Site URL = https://javatel.co.jp/

6"Products" → "Facebook Login" → "Settings", add to Valid OAuth Redirect URIs:

https://javatel.co.jp/ja/resource/slimetree-rlm/meta/gateway/
https://javatel.co.jp/resource/slimetree-rlm/meta/gateway/

Step 2. Drop the App ID into the Gateway HTML

With your App ID, replace the line below in both /ja/resource/slimetree-rlm/meta/gateway/index.html and /resource/slimetree-rlm/meta/gateway/index.html:

// === Config: Meta App ID ===
const META_APP_ID = '__JAVATEL_META_APP_ID__';
//                                         ↑ paste the ~15-digit number here
//                                           e.g. '1234567890123456'

Open the gateway over HTTPS and the "Sign in with Meta" button activates.

Note: Even in "Development mode" (default), the app creator and users with the developer role can sign in. For general public access, switch to "Live mode" (no review required: Settings → Basic → App Mode → Live).

Step 3. nginx headers (optional / required when switching to shared-memory WASM)

The mock WASM does not need SharedArrayBuffer, so Step 3 can be skipped for this demo. Only needed when swapping to the real WASM (272 KB) and using WebWorker / persistence:

server {
    listen 443 ssl http2;
    server_name javatel.co.jp;

    # Enable COOP/COEP only on the gateway path (don't affect other paths)
    location /gateway/ {
        add_header Cross-Origin-Opener-Policy   "same-origin" always;
        add_header Cross-Origin-Embedder-Policy "require-corp" always;
        add_header Cross-Origin-Resource-Policy "same-origin" always;
    }
    location /ja/resource/slimetree-rlm/meta/gateway/ {
        add_header Cross-Origin-Opener-Policy   "same-origin" always;
        add_header Cross-Origin-Embedder-Policy "require-corp" always;
        add_header Cross-Origin-Resource-Policy "same-origin" always;
    }
    location ~ \.wasm$ {
        types { application/wasm wasm; }
        add_header Cross-Origin-Resource-Policy "same-origin" always;
    }
}

Step 4. Claude API key (user-side config)

Anthropic API is called only on R verdicts. The end user:

  1. Go to console.anthropic.comAPI Keys → Create Key
  2. Copy the key (sk-ant-api03-...)
  3. Paste it into the Gateway's "2. Claude (Anthropic) API key" field and click "Save"

The key is stored only in the browser's localStorage; it is never sent to JAVATEL servers (browser direct call, with the anthropic-dangerous-direct-browser-access: true header for explicit consent). Usage is billed directly to the key owner's Anthropic account.

Step 5. Verification

# Login route
curl -I https://javatel.co.jp/resource/slimetree-rlm/meta/gateway/                 # 200
# WASM mock
curl -I https://javatel.co.jp/ja/resource/slimetree-rlm/meta/gateway/slimetree-rlm-mock.js  # 200, application/javascript

# (optional) COOP/COEP check
curl -sI https://javatel.co.jp/resource/slimetree-rlm/meta/gateway/ | grep -i "cross-origin"

# License API (multi-service) sanity check
curl -s https://javatel.co.jp/api/trial/services | python3 -m json.tool   # returns 7 services

Step 6. Swapping the mock JS for the real WASM

Once you have the real SlimeTree-RLM WASM (about 272 KB), you can switch by changing just one line in index.html. All subsequent calls (rlm.route(text) onward) are identical.

// === mock version (current) ===
import { SlimeTreeRLM } from './slimetree-rlm-mock.js';
const rlm = new SlimeTreeRLM();
await rlm.init();

// === real WASM version ===
import init, { SlimeTreeRLM } from './slimetree_rlm.js';
await init({
  module_or_path: './slimetree_rlm_bg.wasm',
  // For shared memory use: memory: new WebAssembly.Memory({ shared: true, ... })
});
const rlm = new SlimeTreeRLM({
  capacity: 16 * 1024 * 1024,
  audit:    true,
  // mode: 'shared',  // only when sharing across a SAB-backed WebWorker pool
});

If you use shared memory (WebWorker pool), the COOP/COEP headers in Step 3 of this page are required. See the Intermediate Tutorial (SAB + WASM build) for details.

Note: The real WASM is under the SlimeTree-RLM commercial license. The swap code in this file is itself MIT (public), but the slimetree_rlm_bg.wasm binary itself requires a separate license agreement.

Step 7. License server check (optional)

The Gateway calls a real license server (Python + SQLite + Ed25519, running on 127.0.0.1:8765) via endpoints like /api/trial/subscription/start. To confirm users can start a 30-day trial with email + password:

# Service catalog (public)
curl -s https://javatel.co.jp/api/trial/services

# Auth endpoint (empty body → 400 confirms endpoint is alive)
curl -s -o /dev/null -w "%{http_code}\n" -X POST https://javatel.co.jp/api/account/me/subscriptions \
    -H "Content-Type: application/json" -d '{}'                          # 400 → OK

Related