diff --git a/Gemfile b/Gemfile
index 109cc9cca..6c9307d87 100644
--- a/Gemfile
+++ b/Gemfile
@@ -69,9 +69,9 @@ gem 'seed_dump'
 
 gem 'pg'
 
-gem 'devise', ">= 4.6.0"
+gem 'devise', '>= 4.6.0'
 
-gem 'omniauth', '~> 1.6.0'
+gem 'omniauth', '~> 1.9.0'
 gem 'omniauth-oauth2'
 gem 'omniauth-rails_csrf_protection', '~> 0.1'
 
diff --git a/Gemfile.lock b/Gemfile.lock
index 18b226ff5..13398dd74 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -159,7 +159,7 @@ GEM
     execjs (2.7.0)
     faker (1.4.3)
       i18n (~> 0.5)
-    faraday (0.9.2)
+    faraday (0.16.2)
       multipart-post (>= 1.2, < 3)
     ffi (1.9.24)
     figaro (1.1.0)
@@ -180,7 +180,7 @@ GEM
       activerecord (>= 3.0)
     hashdiff (0.3.0)
     hashery (2.1.2)
-    hashie (3.5.7)
+    hashie (3.6.0)
     hike (1.2.3)
     htmlentities (4.3.4)
     http (3.0.0)
@@ -209,7 +209,7 @@ GEM
       railties (>= 4.2.0)
       thor (>= 0.14, < 2.0)
     json (1.8.6)
-    jwt (1.5.1)
+    jwt (2.2.1)
     kaminari (0.16.3)
       actionpack (>= 3.0.0)
       activesupport (>= 3.0.0)
@@ -243,8 +243,8 @@ GEM
       minitest (>= 5.0)
       ruby-progressbar
     multi_json (1.13.1)
-    multi_xml (0.5.5)
-    multipart-post (2.0.0)
+    multi_xml (0.6.0)
+    multipart-post (2.1.1)
     naught (1.1.0)
     nokogiri (1.10.4)
       mini_portile2 (~> 2.4.0)
@@ -252,19 +252,19 @@ GEM
       jbuilder (~> 2.0)
       rails (>= 4.2.0)
       responders (~> 2.0)
-    oauth2 (1.0.0)
-      faraday (>= 0.8, < 0.10)
-      jwt (~> 1.0)
+    oauth2 (1.4.2)
+      faraday (>= 0.8, < 2.0)
+      jwt (>= 1.0, < 3.0)
       multi_json (~> 1.3)
       multi_xml (~> 0.5)
-      rack (~> 1.2)
+      rack (>= 1.2, < 3)
     oj (2.12.8)
-    omniauth (1.6.1)
-      hashie (>= 3.4.6, < 3.6.0)
+    omniauth (1.9.0)
+      hashie (>= 3.4.6, < 3.7.0)
       rack (>= 1.6.2, < 3)
-    omniauth-oauth2 (1.3.1)
-      oauth2 (~> 1.0)
-      omniauth (~> 1.2)
+    omniauth-oauth2 (1.6.0)
+      oauth2 (~> 1.1)
+      omniauth (~> 1.9)
     omniauth-rails_csrf_protection (0.1.2)
       actionpack (>= 4.2)
       omniauth (>= 1.3.1)
@@ -513,7 +513,7 @@ DEPENDENCIES
   minitest-reporters
   notify_with
   oj
-  omniauth (~> 1.6.0)
+  omniauth (~> 1.9.0)
   omniauth-oauth2
   omniauth-rails_csrf_protection (~> 0.1)
   openlab_ruby
diff --git a/app/controllers/rss/events_controller.rb b/app/controllers/rss/events_controller.rb
index 735a707ec..2b6351ef5 100644
--- a/app/controllers/rss/events_controller.rb
+++ b/app/controllers/rss/events_controller.rb
@@ -1,9 +1,12 @@
+# frozen_string_literal: true
+
+# RSS feed about 10 last events
 class Rss::EventsController < Rss::RssController
 
   def index
     @events = Event.includes(:event_image, :event_files, :availability, :category)
-                  .where('availabilities.start_at >= ?', Time.now)
-                  .order('availabilities.start_at ASC').references(:availabilities).limit(10)
+                   .where('availabilities.start_at >= ?', Time.now)
+                   .order('availabilities.start_at ASC').references(:availabilities).limit(10)
     @fab_name = Setting.find_by(name: 'fablab_name').value
   end
 end
diff --git a/config/application.yml.default b/config/application.yml.default
index b44a9b949..b8822ecd6 100644
--- a/config/application.yml.default
+++ b/config/application.yml.default
@@ -1,16 +1,21 @@
 # Add application configuration variables here, as shown below.
 
+# Databases
 POSTGRES_HOST: localhost
 POSTGRES_PASSWORD:
 REDIS_HOST: localhost
 ELASTICSEARCH_HOST: localhost
 
+# Stripe
 SECRET_KEY_BASE: 83daf5e7b80d990f037407bab78dff9904aaf3c195a50f84fa8695a22287e707dfbd9524b403b1dcf116ae1d8c06844c3d7ed942564e5b46be6ae3ead93a9d30
 STRIPE_API_KEY:
 STRIPE_PUBLISHABLE_KEY:
 STRIPE_CURRENCY: 'eur'
 
+# Invoices
 INVOICE_PREFIX: Demo-FabLab-facture
+
+# FabLab optional modules
 FABLAB_WITHOUT_PLANS: 'false'
 FABLAB_WITHOUT_SPACES: 'true'
 FABLAB_WITHOUT_ONLINE_PAYMENT: 'false'
@@ -18,9 +23,11 @@ FABLAB_WITHOUT_INVOICES: 'false'
 
 DEFAULT_MAIL_FROM: Fab Manager Demo <noreply@fab-manager.com>
 
-# For prod & staging env only
+# Configure carefully!
 DEFAULT_HOST: 'localhost:5000'
 DEFAULT_PROTOCOL: http
+
+# Email config
 DELIVERY_METHOD: smtp
 SMTP_ADDRESS:
 SMTP_PORT: '587'
@@ -29,21 +36,28 @@ SMTP_PASSWORD:
 SMTP_AUTHENTICATION: 'plain'
 SMTP_ENABLE_STARTTLS_AUTO: 'true'
 SMTP_OPENSSL_VERIFY_MODE: ''
+
+# Google analytics
 GA_ID: ''
+
+# Google recaptcha
 RECAPTCHA_SITE_KEY: ''
 RECAPTCHA_SECRET_KEY: ''
-##
 
+# Projects comments
 DISQUS_SHORTNAME:
 
+# Twitter sharing & last tweet on home page
 TWITTER_NAME: 'FablabGrenoble'
 TWITTER_CONSUMER_KEY: ''
 TWITTER_CONSUMER_SECRET: ''
 TWITTER_ACCESS_TOKEN: ''
 TWITTER_ACCESS_TOKEN_SECRET: ''
 
+# Facebook sharing
 FACEBOOK_APP_ID: ''
 
+# I18N configuration
 RAILS_LOCALE: 'fr'
 APP_LOCALE: 'fr'
 MOMENT_LOCALE: 'fr'
@@ -60,10 +74,13 @@ D3_DATE_FORMAT: '%d/%m/%y'
 UIB_DATE_FORMAT: 'dd/MM/yyyy'
 EXCEL_DATE_FORMAT: 'dd/mm/yyyy'
 
+# OpenProjects
 OPENLAB_APP_SECRET:
 OPENLAB_APP_ID:
+# do not change this URL
 OPENLAB_BASE_URI: 'https://openprojects.fab-manager.com'
 
+# System settings
 LOG_LEVEL: 'debug'
 DISK_SPACE_MB_ALERT: '100'
 SUPERADMIN_EMAIL: 'admin@sleede.com'
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index 1e82761d9..f78e2e1ba 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Use this hook to configure devise mailer, warden hooks and so forth.
 # Many of these configuration options can be set straight in your model.
 Devise.setup do |config|
@@ -43,12 +45,12 @@ Devise.setup do |config|
   # Configure which authentication keys should be case-insensitive.
   # These keys will be downcased upon creating or modifying a user and when used
   # to authenticate or find a user. Default is :email.
-  config.case_insensitive_keys = [ :email ]
+  config.case_insensitive_keys = [:email]
 
   # Configure which authentication keys should have whitespace stripped.
   # These keys will have whitespace before and after removed upon creating or
   # modifying a user and when used to authenticate or find a user. Default is :email.
-  config.strip_whitespace_keys = [ :email ]
+  config.strip_whitespace_keys = [:email]
 
   # Tell if authentication through request.params is enabled. True by default.
   # It can be set to an array that will enable params authentication only for the
diff --git a/lib/omni_auth/strategies/sso_oauth2_provider.rb b/lib/omni_auth/strategies/sso_oauth2_provider.rb
index f3ae87d76..80a45d3d3 100644
--- a/lib/omni_auth/strategies/sso_oauth2_provider.rb
+++ b/lib/omni_auth/strategies/sso_oauth2_provider.rb
@@ -24,6 +24,10 @@ module OmniAuth::Strategies
            authorize_url: active_provider.providable.authorization_endpoint,
            token_url: active_provider.providable.token_endpoint
 
+    def callback_url
+      url = Rails.application.config.action_controller.default_url_options
+      "#{url[:protocol]}://#{url[:host]}#{script_name}#{callback_path}"
+    end
 
     uid { parsed_info['user.uid'.to_sym] }