diff --git a/Gemfile b/Gemfile
index 25f1a0b9ef37956e4a27da26e581937d2ca89580..08dfd23aa20c0071059d4c7793e074081acd8a7d 100644
--- a/Gemfile
+++ b/Gemfile
@@ -28,7 +28,7 @@ gem 'omniauth-saml',          '~> 1.4.0'
 gem 'omniauth-shibboleth',    '~> 1.2.0'
 gem 'omniauth-twitter',       '~> 1.2.0'
 gem 'omniauth_crowd'
-gem 'rack-oauth2',            '~> 1.0.5'
+gem 'rack-oauth2',            '~> 1.2.1'
 
 # Two-factor authentication
 gem 'devise-two-factor', '~> 2.0.0'
diff --git a/Gemfile.lock b/Gemfile.lock
index 6ad0b039c5caedcce0e88a512f9d33f2f2dc0005..8466e86492e8df6b7f708920108c6fb1bac6cf02 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -359,7 +359,7 @@ GEM
     httparty (0.13.5)
       json (~> 1.8)
       multi_xml (>= 0.5.2)
-    httpclient (2.6.0.1)
+    httpclient (2.7.0.1)
     i18n (0.7.0)
     ice_cube (0.11.1)
     ice_nine (0.11.1)
@@ -504,7 +504,7 @@ GEM
     rack-cors (0.4.0)
     rack-mount (0.8.3)
       rack (>= 1.0.0)
-    rack-oauth2 (1.0.10)
+    rack-oauth2 (1.2.1)
       activesupport (>= 2.3)
       attr_required (>= 0.0.5)
       httpclient (>= 2.4)
@@ -891,7 +891,7 @@ DEPENDENCIES
   quiet_assets (~> 1.0.2)
   rack-attack (~> 4.3.0)
   rack-cors (~> 0.4.0)
-  rack-oauth2 (~> 1.0.5)
+  rack-oauth2 (~> 1.2.1)
   rails (= 4.1.14)
   raphael-rails (~> 2.1.2)
   rblineprof