Comments (15)
I will update this example project to be used with the google-cloud-speech
API (currently it's set up to the old speech
API which is a different service).
from speech-to-flac.
That would be great, thanks!
from speech-to-flac.
I updated the example to work with Google Cloud Speech
service.
Unfortunately, for now it only works if you use your API key, i.e. does not work using OAuth in combination with a service account key (because Google does not seem to support CORS authentification for the Cloud Speech
directly).
So I would advise against using this in any publicly accessible form, since you'd need to include your (secret) API key.
NOTE: for testing you can set your API key as URL param, e.g. on the demo page
https://mmig.github.io/speech-to-flac/?key=<your API key>
from speech-to-flac.
from speech-to-flac.
What about doing an AJAX request and using PHP to provide the value of the API key? That way it would get set right before the API request so you wouldn't be able to see, right?
from speech-to-flac.
Ah, that won't work. You can just monitor the http requests. Hmm...
from speech-to-flac.
the request wouldn't necessarily be be the problem, e.g. if you make a POST request via an SSL connection
But for really secret stuff, you just should not transfer it to a javascript client, if you cannot be sure, that only friendly users will have access
... because javascript is plain-text & quite easily debuggable; each major browser is shipped with extensive development tools
The OAuth token has the main advantage that its time-limited -- even if someone would spy the access-token, it could only be miss-used for some limited amount of time.
from speech-to-flac.
Sorry to drive you crazy! So here is what I think would work...
https://codepen.io/iospadov/post/apis-and-authentication-keeping-your-access-keys-secure
Send the XMLHttpRequest to PHP on my server, add the API Key, and then make the API call via PHP, using the data received from the XMLHttpRequest, Does that make sense to you?
from speech-to-flac.
yes, basically a proxy service from the client to your server to the Google service
But in that case, I would use one of the client libraries that Google offers for the Cloud Speech
services -- it's probably much easier to use
Another approach would be the OAuth authentification (i.e. using a service account key) in combination with Google Cloud Storage
:
- upload the audio using the Google
Could Storage
service (which does support CORS) - reference the uploaded audio by its
uri
in the request to theCould Speech
service
from speech-to-flac.
from speech-to-flac.
nice find!
I did not know about the possibility to set the access token as URL param
I changed the example code, so that is works now with the access_token
(generated using a service key) too.
For a real-live application you'd need a mechanism for users to retrieve the access_token
with a request to a service or something similar.
from speech-to-flac.
from speech-to-flac.
Hi! To use this on production, would need to implement this, correct?
https://developers.google.com/identity/protocols/OAuth2UserAgent
from speech-to-flac.
hmm, I am not sure -- I am not an expert in this, but it seems to me, the process described in the link is for granting an app access to Google user's private account/data (or parts thereof).
What would be needed here, is kind of the reverse scenario: it is not the user allowing access, but the web app/server/etc allowing access to the recognition service.
So you would need to know which users you want to grant access to this service -- if it's all users who have a Google account, then you could use the process that you linked to.
Basically, you need some process to decide which users should be allowed to use your service (whatever that process that might be) and then generate access_token
s for the allowed users.
For generating the access_token
s on your server, I included a simple sample script create_access_token.js in the repo. This would needed to be wrapped in service, and the service should only be accessible by allowed users.
E.g. if you use apache and have a fixed list of users, you could simply use .htaccess
with basic-auth for the web site.
from speech-to-flac.
Hi, I got this working!
I am generating an access_token
via PHP on the server side, then redirecting to your index.html page with key=[access_token].
For my purposes, this is good enough because I will be authenticating the user before they even get to the sound recording, and the access_token is only good for this app.
The ony issue for me is that is takes around 5 seconds to get a response back from Google Cloud. I would like to try to implement a streaming version, but that is a project for another day. Thanks so much for your help!
from speech-to-flac.
Related Issues (7)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from speech-to-flac.