JS-7167 Add fcm api support

[nat-aryucharoen]

This PR: in progress

• follow FCM Support rpush/rpush#620 and FCM support - v1.1 rpush/rpush#660 to implement fcm to the rpush gem
• only handle fcm for active record (not radis)
• use token from app (will need to be manually create)
• web pr: https://github.com/Codefied/housecall-web/pull/51310
• jira: https://housecall.atlassian.net/browse/JS-7167

[danielnho22]

[Question/Blocker]: Is there a reason why this is being set here? I think either of these should be configurable from outside of this project

The library shouldn't be dependent on Settings.

[v7chan]

It looks like this should be stored in the rpush_apps table. It uses STI, so we'd need to add a new column for it to do it properly.

[nat-aryucharoen]

add new columns to rpush apps: https://github.com/Codefied/housecall-web/pull/51155

[danielnho22]

[NOTE]: These are the same validations as current GCM, so we're good. I think this is good.

[danielnho22]

I think as it stands, the PR mostly works. I'd like to see if we can find away around not passing accessing Settings directly.

I also don't know how data is set in this case..

[danielnho22]

@v7chan Could you take a look too?

[v7chan]

We should fill this in to make it clear which columns we need for Fcm (presumably with the new column for project_id)

[nat-aryucharoen]

also need other columns also to make OAuth logic for fetching an access token self-contained in the Rpush: https://github.com/Codefied/housecall-web/pull/51155/files#diff-ad01b5deb18c1010b83f08165e8b3bdedd5e72e17a62a2c644506a8617f1b2ffR9

looks ok?

[nat-aryucharoen]

added validates :fcm_json_token, presence: true

fcm_access_token and fcm_access_token_expiration will be filled in with the first call, so i guess i cannot add the validation here

[v7chan]

Shouldn't registration_ids not be set for FCM notifications? GCM allowed for multiple as array, but it looks like we want to use the device_token (singular) field here

[nat-aryucharoen]

fcm does not use registration_ids, i can remove this validation

[v7chan]

I'm not sure if I'm following this correctly. priority= only allows the values of 10 and 5, do we need to handle these other values?

[nat-aryucharoen]

we can remove this since we remove the duplicate override

[v7chan]

Does this need to be duplicated here? I think this is only for Android-specific override if necessary and since we are not using FCM to deliver to both platforms, not having to duplicate this key makes the payload smaller

I see similar duplicated values like notification_priority within the Android overrides. In general, I think the first phase of FCM we are adding is only to deliver to Android, Apns8 will continue to be used for iOS. So we can avoid duplicating platform-overrides for now.

How we use rpush will need to change if we are to deliver to both iOS and Android via FCM and that's not the intention right now anyway.

[v7chan]

I think we should either map this or disallow this field from being set, this comment won't be visible to users of rpush

[nat-aryucharoen]

looks like we are not currently using 'content_available' for sending push to android, if the anyone add this to the fcm notification, the NotificationKeysInAllowedListValidator will catch it.

[v7chan]

As we roll this out, it's worth catching up with the 400/401s we've been facing from Firebase in our web push. As far as I remember, there was a bit of intermittent nature to them and I don't know if Voice ever got to the bottom of it

https://housecall.atlassian.net/browse/VOICE-6463

At the very least we'll need to monitor closely to know if we're failing to deliver more than normal on FCM v1 compared to legacy.

[danielnho22]

it's worth catching up with the 400/401s

What do you mean by "catch up with"? As in have visibility into why they happen? We'll ensure we have some monitoring before we roll out.

Since failures get logged to sumologic we can add some reporting there. If needed, we can also add some metrics to datadog with the Reflections API, but I figured the sumologic logs should be good enough.

[v7chan]

As in have visibility into why they happen?

Yeah, just chat with Voice and/or read the investigations they've left behind. There was some number of mysterious errors that I don't know if they ever got to the bottom of, just don't want us to assume all requests will magically work

[nat-aryucharoen]

might be this? for 401: https://firebase.google.com/docs/reference/fcm/rest/v1/ErrorCode

THIRD_PARTY_AUTH_ERROR (HTTP error code = 401) APNs certificate or web push auth key was invalid or missing. | A message targeted to an iOS device or a web push registration could not be sent. Check the validity of your development and production credentials

[danielnho22]

it's worth catching up with the 400/401s

What do you mean by "catch up with"? As in have visibility into why they happen? We'll ensure we have some monitoring before we roll out.

Since failures get logged to sumologic we can add some reporting there. If needed, we can also add some metrics to datadog with the Reflections API, but I figured the sumologic logs should be good enough.