diff --git a/Gemfile b/Gemfile
index bd8e9bd8fa10e1f9a6964db61a437f651616eade..0436e930653ca0fa948f237d26b992d298e7d731 100644
--- a/Gemfile
+++ b/Gemfile
@@ -28,7 +28,7 @@ gem 'omniauth-saml',          '~> 1.4.0'
 gem 'omniauth-shibboleth',    '~> 1.2.0'
 gem 'omniauth-twitter',       '~> 1.2.0'
 gem 'omniauth_crowd'
-gem 'rack-oauth2',            '~> 1.0.5'
+gem 'rack-oauth2',            '~> 1.2.1'
 
 # Two-factor authentication
 gem 'devise-two-factor', '~> 2.0.0'
diff --git a/Gemfile.lock b/Gemfile.lock
index 448941cfc8db6e1b4846508f90ec68349b3dadd4..ecd83b6979a129ef88723bd3525e2602e6698bed 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -357,7 +357,7 @@ GEM
     httparty (0.13.5)
       json (~> 1.8)
       multi_xml (>= 0.5.2)
-    httpclient (2.6.0.1)
+    httpclient (2.7.0.1)
     i18n (0.7.0)
     ice_cube (0.11.1)
     ice_nine (0.11.1)
@@ -502,7 +502,7 @@ GEM
     rack-cors (0.4.0)
     rack-mount (0.8.3)
       rack (>= 1.0.0)
-    rack-oauth2 (1.0.10)
+    rack-oauth2 (1.2.1)
       activesupport (>= 2.3)
       attr_required (>= 0.0.5)
       httpclient (>= 2.4)
@@ -889,7 +889,7 @@ DEPENDENCIES
   quiet_assets (~> 1.0.2)
   rack-attack (~> 4.3.0)
   rack-cors (~> 0.4.0)
-  rack-oauth2 (~> 1.0.5)
+  rack-oauth2 (~> 1.2.1)
   rails (= 4.1.14)
   raphael-rails (~> 2.1.2)
   rblineprof