I'm developing an application that creates a company calendar with data received from other systems (it's part of a bigger J2EE app; for calendar export I'm using ical4j). One of the client's requirements was to put a 'secret token' into the calendar sync link so that it can be reset, making previously generated calendar sync links unusable. In other words it works like this:

  • the user clicks the 'export link' button and sees the link for calendar sync (which can be copy-pasted into iCal, Google Calendar, etc.). The link looks as follows:

(server/constant part) + userName + secret code (random, unique-per-user token)

  • the user copies it and performs a calendar sync with his/her phone/other calendar reader

  • on each sync request (each time the phone asks the server for a calendar sync) the application checks whether the token from the request matches the one stored in the database (whether the token is valid), and if yes, the calendar (*.ics file) is returned.

  • if, for example, the phone is stolen, the user is able to reset this secret token; when the phone then asks the server for a calendar sync, the token from the request and the one in the database would be different and no calendar would be returned.

My question is: is there a possibility (iCalendar format support or any other way) to display errors to the user (or to let them know something went wrong)? I mean, when the user tries to sync the calendar with a wrong/expired token, all he/she would see (tested in Thunderbird + Lightning) is the same old calendar: no error, no info that nothing was updated, etc. (the only thing I can get is a log entry on the server). A semi-solution would be to send an empty calendar, but it looks more like a 'hack' than a real solution.

Thanks for any help.

1 Answer

Well, you could send a 401 Unauthorized HTTP response (with a new realm string), which might cause the client to show the password dialog (again).

(I'm not sure without trying if 403 Forbidden does anything useful in Lightning.)

Ulrich Schwarz
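
The token check from the question combined with the 401 response suggested in the answer, as an added example that is not code from the post or the answer. The class `CalendarSyncAuth`, the `UserToken` record, its `generation` counter and the realm text are assumptions made for illustration; it needs only the JDK (16 or later) and does not establish how any particular calendar client displays the 401.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.LinkedHashMap;
import java.util.Map;

public class CalendarSyncAuth {
    /** Outcome of a sync request: HTTP status plus the headers to set on the response. */
    record Decision(int status, Map<String, String> headers) {}
    /** Hypothetical per-user record; 'generation' is bumped on every token reset. */
    record UserToken(String token, int generation) {}

    private static final SecureRandom RNG = new SecureRandom();

    /** New 256-bit URL-safe token, used for the first link and for every reset. */
    static String newToken() {
        byte[] raw = new byte[32];
        RNG.nextBytes(raw);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
    }

    static UserToken reset(UserToken old) {
        return new UserToken(newToken(), old.generation() + 1);
    }

    /** 200 when the token matches; otherwise 401 with a realm that changes after each reset. */
    static Decision check(UserToken stored, String presented) {
        Map<String, String> headers = new LinkedHashMap<>();
        byte[] a = stored.token().getBytes(StandardCharsets.UTF_8);
        byte[] b = (presented == null ? "" : presented).getBytes(StandardCharsets.UTF_8);
        if (MessageDigest.isEqual(a, b)) {          // comparison without early exit on mismatch
            headers.put("Content-Type", "text/calendar; charset=utf-8");
            return new Decision(200, headers);
        }
        headers.put("WWW-Authenticate",
                "Basic realm=\"Calendar link reset (" + stored.generation() + ")\"");
        headers.put("Cache-Control", "no-store");   // keep caches from storing the error response
        return new Decision(401, headers);
    }

    public static void main(String[] args) {
        UserToken current = new UserToken(newToken(), 1);
        String linkOnPhone = current.token();       // token embedded in the exported link
        System.out.println(check(current, linkOnPhone));   // status 200
        current = reset(current);                   // phone stolen: user resets the token
        System.out.println(check(current, linkOnPhone));   // status 401, realm "... (2)"
    }
}
```

In a servlet, the `Decision` maps directly onto `response.setStatus(...)` and `response.setHeader(...)` before the *.ics body is written or skipped.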