Tags: push-notification, telegram, telegram-api

What is the Base64url-encoded authentication secret that Telegram requires to subscribe to push notifications?


According to the Telegram docs, to subscribe to web push notifications, you need to pass the following:

A JSON-encoded object with the following keys:

  • endpoint: Absolute URL exposed by the push service where the application server can send push messages
  • keys: P-256 elliptic curve Diffie-Hellman parameters in the following object
    • p256dh: Base64url-encoded P-256 elliptic curve Diffie-Hellman public key
    • auth: Base64url-encoded authentication secret

What is the last key, auth, referring to?

This question is related but doesn't really answer my question.


EDIT: Here is some sample code to generate the keys per Wizou's solution.


Solution

  • As mentioned in the doc, payloads can also be encrypted using P-256 Elliptic Curve Diffie-Hellman when using web push.

    As per the linked RFC, this encryption requires a public key, and an authentication secret.

    In Section 3.2, the RFC specifies that you should generate this secret by providing a hard-to-guess sequence of 16 octets that is used for authentication of push messages. This SHOULD be generated by a cryptographically strong random number generator [RFC4086].