push notifications with CURL on PWA application with PHP

Question

I am working on a PWA web application. I already completed the code on the browser side.

On the server side I use PHP and I have the following information:

$publicKey = '123456789...';
$privateKey = 'abcdefg....';

$subscription = '{"endpoint":"https://fcm.googleapis.com/fcm/send/eCCP-Bu3sXQ:APA91bFbbjw....","expirationTime":null,"keys":{"p256dh":"BIwBDcsp.....","auth":"RKGkA...."}}';

Now I would like to send a push notification to the user. I prefer to use CURL over Web Push library as I do not want to install additional packages on the server.

My php code so far is

$url = 'https://fcm.googleapis.com/fcm/send';
    
$fields = array('to' => $user, 
                'notification' => array('title' => 'My title', 
                                        'body' => $body_of_message, 
                                        'click_action' => 'https://www.website.com/', 
                                        'icon'=> 'https://www.website.com/icon.png'
                               ), 
            'priority' => 10
            );
        
$headers = array('Authorization:key = ??????',
                 'Content-Type: application/json'
        );
      
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($fields));
$output = curl_exec($ch);

question: how do I generate the VAPID code ? how do I properly encrypt the message? How do I calculate the Authorization:key? Does anyone has a tutorial/code that can help me ?

Thank you :)