外掛標籤
開發者團隊
② 後台搜尋「RafaelMarreca Push Dispatch for Firebase Cloud Messaging」→ 直接安裝(推薦)
原文外掛簡介
RafaelMarreca Push Dispatch connects your WordPress site to your mobile app by sending notifications through Google’s Firebase Cloud Messaging (FCM HTTP v1) service. No PHP SDK, no Guzzle, no external PHP dependencies — just the WordPress HTTP API and the OpenSSL extension.
How it works
Uses topic subscriptions — your mobile app calls subscribeToTopic() for each topic it wants to receive. No device tokens are stored, no PII is collected, no extra database tables are created.
When a post is published, the primary category determines the topic name (configurable via Settings → RafaelMarreca Push Dispatch).
A dedicated notification composer (custom post type) lets you send manual push notifications with a custom title, body, topic, and optional deep link — without creating a real post.
Features
OAuth2 JWT authentication (RS256) for FCM HTTP v1
Automatic push on post publish, mapped by category
Manual notification composer with live phone preview and character counters
Deep link support (any custom URL scheme)
OAuth2 access token cached for 55 minutes to minimise round-trips
Service account JSON stored outside the database with .htaccess deny + chmod 600
Idempotent dispatch — republishing never resends
Requirements
A Firebase project with Cloud Messaging enabled
A Firebase service account JSON (downloaded from the Firebase Console)
PHP openssl extension (bundled with most hosts)
Your mobile app must call subscribeToTopic() for each topic
Disclaimer
Firebase, Firebase Cloud Messaging and Google are trademarks of Google LLC. This plugin is an independent, third-party integration and is not affiliated with, endorsed by, or sponsored by Google LLC.
Service Account Setup
In the Firebase Console: ⚙ Project settings → Service accounts → Generate new private key → download the JSON → upload it in the plugin settings.
The file is stored in wp-content/uploads/rafaelmarreca-push-private/ with .htaccess deny rules and chmod 600. It is never stored in the database.
Mobile App Setup
Your app needs to call subscribeToTopic(getMessaging(), '
Example (React Native / Firebase JS SDK):
await messaging().subscribeToTopic(‘all’);
External services
This plugin relies on two external services operated by Google LLC in order to deliver push notifications. Both are part of the Google Cloud / Firebase platform. The plugin will not send any data to them until you configure it with a Firebase service account JSON and either publish a post (with auto-send enabled), publish a notification via the composer, or click “Send test” on the settings page.
1. Google OAuth2 (oauth2.googleapis.com)
What it is and what it is used for: Google’s OAuth2 token service. The plugin needs a short-lived access token to authenticate against Firebase Cloud Messaging. To obtain it, the plugin signs a JWT locally with the private key from your service account JSON and exchanges it for an access token.
When data is sent: Once when the cached access token expires (every 55 minutes) and on the first send action.
What data is sent: A POST request to https://oauth2.googleapis.com/token containing the OAuth2 urn:ietf:params:oauth:grant-type:jwt-bearer grant and a signed JWT. The JWT contains your service account’s client_email, the scope https://www.googleapis.com/auth/firebase.messaging, the audience URL, and issued-at/expiration timestamps. No WordPress user data, no post content, and no visitor data is sent.
Provider: Google LLC
Terms of service: https://policies.google.com/terms
Privacy policy: https://policies.google.com/privacy
2. Firebase Cloud Messaging (fcm.googleapis.com)
What it is and what it is used for: Google’s push notification delivery service. The plugin uses the FCM HTTP v1 API to publish a notification to a topic that your mobile app has subscribed to.
When data is sent: Every time a notification is dispatched — that is, when a post is published (with the auto-send option enabled), when a notification is published via the “Notifications” composer, or when the administrator clicks “Send test” on the settings page.
What data is sent: A POST request to https://fcm.googleapis.com/v1/projects/{your_project_id}/messages:send containing: the destination topic name (e.g. “news”), the notification title (max 65 chars) and body (max 140 chars) you typed or that were extracted from your post, an optional deep link URL (when set in the composer), and the post ID / slug / category ID as plain identifiers in the data payload. No WordPress user data, no IP addresses, and no device identifiers are sent.
Provider: Google LLC
Terms of service: https://policies.google.com/terms
Firebase-specific terms: https://firebase.google.com/terms
Privacy policy: https://policies.google.com/privacy
By configuring the plugin with your Firebase service account JSON and publishing posts or notifications, you agree to the Google Terms of Service, the Firebase Terms of Service, and the Google Privacy Policy linked above.
