From 82ee354617063b49b083b5ec84fd85fccd187f71 Mon Sep 17 00:00:00 2001
From: Marco Enrico Piras
Date: Thu, 30 Sep 2021 16:41:38 +0000
Subject: [PATCH 1/6] Add basic utility function to decode a base64 string
---
 lifemonitor/utils.py | 12 ++++++++++++
 1 file changed, 12 insertions(+)
diff --git a/lifemonitor/utils.py b/lifemonitor/utils.py
index 12f74a68f..91fcb3651 100644
--- a/lifemonitor/utils.py
+++ b/lifemonitor/utils.py
@@ -19,6 +19,7 @@
 # SOFTWARE.
+import base64
 import functools
 import glob
 import json
@@ -119,6 +120,17 @@ def sizeof_fmt(num, suffix='B'):
 return "%.1f%s%s" % (num, 'Yi', suffix)
+def decodeBase64(str, as_object=False, encoding='utf-8'):
+ result = base64.b64decode(str)
+ if not result:
+ return None
+ if encoding:
+ result = result.decode(encoding)
+ if as_object:
+ result = json.loads(result)
+ return result
+
+
 def get_base_url():
 server_name = None
 try:
From 1c8bfa8574cacc2f561f0723fcf0639a7d3bcbda Mon Sep 17 00:00:00 2001
From: Marco Enrico Piras
Date: Thu, 30 Sep 2021 16:42:32 +0000
Subject: [PATCH 2/6] Detect and decode 'back' parameter
---
 lifemonitor/auth/controllers.py | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/lifemonitor/auth/controllers.py b/lifemonitor/auth/controllers.py
index 548f527bd..2f3601d28 100644
--- a/lifemonitor/auth/controllers.py
+++ b/lifemonitor/auth/controllers.py
@@ -24,7 +24,7 @@
 from flask import flash, redirect, render_template, request, url_for
 from flask_login import login_required, login_user, logout_user
 from lifemonitor.utils import (NextRouteRegistry, next_route_aware,
- split_by_crlf)
+ split_by_crlf, decodeBase64)
 from .. import exceptions
 from ..utils import OpenApiSpecs
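Review bot: `base64.b64decode(str)` in the new `decodeBase64` (PATCH 1/6, lifemonitor/utils.py) runs in its default lenient mode, which silently discards characters outside the base64 alphabet, so malformed input can decode to something other than what was sent. Because PATCH 2/6 feeds it a request parameter, strict decoding is the safer default: `result = base64.b64decode(data, validate=True)`, with the parameter renamed from `str` so it no longer shadows the builtin. The camelCase function name also departs from the snake_case helpers around it (`sizeof_fmt`, `get_base_url`). A docstring should state that the function returns None when the decoded payload is empty and lets `binascii.Error`, `UnicodeDecodeError` and `json.JSONDecodeError` propagate to the caller.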
@@ -88,14 +88,22 @@ def index():
 @blueprint.route("/profile", methods=("GET",))
-def profile(form=None, passwordForm=None, currentView=None):
+def profile(form=None, passwordForm=None, currentView=None, back=None):
 currentView = currentView or request.args.get("currentView", 'accountsTab')
 logger.debug(OpenApiSpecs.get_instance().authorization_code_scopes)
+ back_param = request.args.get('back', None)
+ try:
+ if back_param:
+ back_param = decodeBase64(back_param, as_object=True)
+ logger.debug("detected back param: %r", back_param)
+ except Exception as e:
+ logger.error("Unable to decode back param: %s", str(e))
 return render_template("auth/profile.j2",
 passwordForm=passwordForm or SetPasswordForm(),
 oauth2ClientForm=form or Oauth2ClientForm(),
 providers=get_providers(), currentView=currentView,
- oauth2_generic_client_scopes=OpenApiSpecs.get_instance().authorization_code_scopes)
+ oauth2_generic_client_scopes=OpenApiSpecs.get_instance().authorization_code_scopes,
+ back_param=back_param)
 @blueprint.route("/register", methods=("GET", "POST"))
From 69fb3b67ce65d9e38cbd5334f8a93e3fe011f209 Mon Sep 17 00:00:00 2001
From: Marco Enrico Piras
Date: Thu, 30 Sep 2021 16:43:45 +0000
Subject: [PATCH 3/6] Update user profile page to render a 'back' link
---
 lifemonitor/auth/templates/auth/profile.j2 | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/lifemonitor/auth/templates/auth/profile.j2 b/lifemonitor/auth/templates/auth/profile.j2
index 6b26ccec9..f632eece9 100644
--- a/lifemonitor/auth/templates/auth/profile.j2
+++ b/lifemonitor/auth/templates/auth/profile.j2
@@ -22,6 +22,15 @@
From f2ef7cc99c99c7ce157e1098a3338da0d64e667b Mon Sep 17 00:00:00 2001
From: Marco Enrico Piras
Date: Tue, 5 Oct 2021 13:50:02 +0000
Subject: [PATCH 4/6] Make 'back' parameter a simple boolean flag
---
 lifemonitor/auth/controllers.py | 3 +--
 lifemonitor/auth/templates/auth/profile.j2 | 10 ++++------
 2 files changed, 5 insertions(+), 8 deletions(-)
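Review bot: When decoding fails in `profile()` (PATCH 2/6, lifemonitor/auth/controllers.py), the `except` branch only logs, so `back_param` still holds the raw query-string value and is handed to the template as if it were the decoded object; reset it there with `back_param = None`. A successful decode is not checked either: `json.loads` can return a list, number or string, so add `if not isinstance(back_param, dict): back_param = None` before rendering. The template hunk of PATCH 3/6 is not readable on this page; if any field of this client-supplied object is used as a link target there, it should be restricted to same-site relative paths or an allow-list of hosts. The new `back=None` argument is never read in the lines shown.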
diff --git a/lifemonitor/auth/controllers.py b/lifemonitor/auth/controllers.py
index 2f3601d28..18f38213c 100644
--- a/lifemonitor/auth/controllers.py
+++ b/lifemonitor/auth/controllers.py
@@ -91,10 +91,9 @@ def index():
 def profile(form=None, passwordForm=None, currentView=None, back=None):
 currentView = currentView or request.args.get("currentView", 'accountsTab')
 logger.debug(OpenApiSpecs.get_instance().authorization_code_scopes)
- back_param = request.args.get('back', None)
+ back_param = request.args.get('back', False)
 try:
 if back_param:
- back_param = decodeBase64(back_param, as_object=True)
 logger.debug("detected back param: %r", back_param)
 except Exception as e:
 logger.error("Unable to decode back param: %s", str(e))
diff --git a/lifemonitor/auth/templates/auth/profile.j2 b/lifemonitor/auth/templates/auth/profile.j2
index f632eece9..f7d9278ae 100644
--- a/lifemonitor/auth/templates/auth/profile.j2
+++ b/lifemonitor/auth/templates/auth/profile.j2
@@ -23,12 +23,10 @@
{% if back_param %} - - - {% if back_param['text'] %}{{ back_param['text']}} - {%else%} - back {% if back_param['name'] %}to {{back_param['name']}}{% endif %} - {%endif%} + + + + back {% endif %} {% include 'auth/oauth2_client_pane.j2' %}
From 403175ebf597a5956e7f7199ba8482c175e23def Mon Sep 17 00:00:00 2001
From: Marco Enrico Piras
Date: Tue, 5 Oct 2021 14:16:57 +0000
Subject: [PATCH 5/6] Preserve back param during the current session
---
 lifemonitor/auth/controllers.py | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)
diff --git a/lifemonitor/auth/controllers.py b/lifemonitor/auth/controllers.py
index 18f38213c..defb59a98 100644
--- a/lifemonitor/auth/controllers.py
+++ b/lifemonitor/auth/controllers.py
@@ -21,7 +21,7 @@
 import logging
 import flask
-from flask import flash, redirect, render_template, request, url_for
+from flask import flash, redirect, render_template, request, session, url_for
 from flask_login import login_required, login_user, logout_user
 from lifemonitor.utils import (NextRouteRegistry, next_route_aware,
 split_by_crlf, decodeBase64)
@@ -91,12 +91,15 @@ def index():
 def profile(form=None, passwordForm=None, currentView=None, back=None):
 currentView = currentView or request.args.get("currentView", 'accountsTab')
 logger.debug(OpenApiSpecs.get_instance().authorization_code_scopes)
- back_param = request.args.get('back', False)
- try:
- if back_param:
- logger.debug("detected back param: %r", back_param)
- except Exception as e:
- logger.error("Unable to decode back param: %s", str(e))
+ back_param = request.args.get('back', None)
+ logger.debug("detected back param: %r", back_param)
+ if not current_user.is_authenticated:
+ session['lm_back_param'] = back_param
+ logger.debug("Pushing back param to session")
+ else:
+ logger.debug("Getting back param from session")
+ back_param = back_param or session.get('lm_back_param', False)
+ logger.debug("detected back param: %s", back_param)
 return render_template("auth/profile.j2",
 passwordForm=passwordForm or SetPasswordForm(),
 oauth2ClientForm=form or Oauth2ClientForm(),
From f2264b7d9a198c51cc50a91111a2dd25acddc895 Mon Sep 17 00:00:00 2001
From: Marco Enrico Piras
Date: Tue, 5 Oct 2021 18:51:34 +0000
Subject: [PATCH 6/6] Fix unused import
---
 lifemonitor/auth/controllers.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lifemonitor/auth/controllers.py b/lifemonitor/auth/controllers.py
index defb59a98..dd4f92a10 100644
--- a/lifemonitor/auth/controllers.py
+++ b/lifemonitor/auth/controllers.py
@@ -24,7 +24,7 @@
 from flask import flash, redirect, render_template, request, session, url_for
 from flask_login import login_required, login_user, logout_user
 from lifemonitor.utils import (NextRouteRegistry, next_route_aware,
- split_by_crlf, decodeBase64)
+ split_by_crlf)
 from .. import exceptions
 from ..utils import OpenApiSpecs
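Review bot: The raw `back` query value is what gets stored in `session['lm_back_param']` and passed to the template in `profile()` (PATCH 5/6), so the flag introduced in PATCH 4/6 is true for any non-empty string, `?back=false` included, and an arbitrary client-supplied string is kept in session state. Normalise it once before use, e.g. `back_param = request.args.get('back', '').lower() in ('1', 'true')` adjusted to whichever literal the client actually sends, and store only that bool. The unauthenticated branch also overwrites the stored value with None whenever the parameter is absent, and nothing in the lines shown removes the key afterwards, so the link's lifetime is tied to the whole session. `current_user` is not among the names in the `flask_login` import line visible in this series; confirm it is imported elsewhere in the file. The body of `profile()` runs past the end of the hunk.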