diff --git a/README.md b/README.md
index b14acbf6ebb9faa0a9eeb2976ca023e8cdca394d..2c54c9818133f655b9ad03f8faeac3bd7d827420 100644
--- a/README.md
+++ b/README.md
@@ -11,7 +11,7 @@ Requirements:
 
 On Ubuntu:
 
-    sudo apt install apache2 mariadb-server libapache2-mod-php mariadb-server php7.2-xml
+    sudo apt install apache2 mariadb-server libapache2-mod-php mariadb-server php7.2-xml php7.2-mbstring php-mysql
 
 ### PHP
 
diff --git a/classes/JWKSHandler.php b/classes/JWKSHandler.php
index fb7c87ee4b71411d29d3be807404e44894eb58c0..48b58226fb14af6d4575dd1008245e279fa51f6d 100644
--- a/classes/JWKSHandler.php
+++ b/classes/JWKSHandler.php
@@ -52,11 +52,13 @@ class JWKSHandler {
             $rsaModulus = $this->getTagContent($publicKeyXML, "Modulus");
             $rsaExponent = $this->getTagContent($publicKeyXML, "Exponent");
 
+            $urisafeModulus = strtr($rsaModulus, '+/', '-_');
+
             $jwk = [];
             $jwk['kty'] = "RSA";
             $jwk['kid'] = $keyPair->keyId;
             $jwk['use'] = "sig";
-            $jwk['n'] = $rsaModulus;
+            $jwk['n'] = $urisafeModulus;
             $jwk['e'] = $rsaExponent;
 
             array_push($keys, $jwk);
diff --git a/classes/OAuth2RequestHandler.php b/classes/OAuth2RequestHandler.php
index ab21bf2e546242fabde3600f5d29f0705b9c5dd3..4d801f64edaa8fe2a7a8a3525a252a6298e1c02e 100644
--- a/classes/OAuth2RequestHandler.php
+++ b/classes/OAuth2RequestHandler.php
@@ -89,19 +89,16 @@ class OAuth2RequestHandler {
             throw new BadRequestException("Invalid redirect URI: " . $params['redirect_uri']);
         }
 
-        $token = [];
-        //$token['access_token'] = $accessToken->token;
-        $token['token_type'] = 'bearer';
-        $token['expires_in'] = $this->getExpiresIn($accessToken);
+        $result = [];
+        $result['access_token'] = $accessToken->token;
+        $result['token_type'] = 'Bearer';
+        $result['expires_in'] = $this->getExpiresIn($accessToken);
 
-        if ($accessToken->scope !== null) {
-            $token['access_token'] = $this->locator->getIdTokenBuilder()->getIdToken($accessToken);
-            //$token['id_token'] = $this->locator->getIdTokenBuilder()->getIdToken($accessToken);
-        } else {
-            $token['access_token'] = $accessToken->token;
+        if ($accessToken->scope !== null && in_array('openid', $accessToken->scope)) {
+            $result['id_token'] = $this->locator->getIdTokenBuilder()->getIdToken($accessToken);
         }
 
-        return $token;
+        return $result;
     }
 
     private function validateAccessTokenRequest($params) {
@@ -140,7 +137,9 @@ class OAuth2RequestHandler {
 
         if ($accessToken->scope !== null) {
             $result['scope'] = $accessToken->scope;
-            $result['id_token'] = $this->locator->getIdTokenBuilder()->getIdToken($accessToken);
+            if (in_array('openid', $accessToken->scope)) {
+                $result['id_token'] = $this->locator->getIdTokenBuilder()->getIdToken($accessToken);
+            }
         }
 
         return $result;
diff --git a/include/front-controller.php b/include/front-controller.php
index e9d79363dac310be4c661687703d5765b0e92862..818c1167f369ceaab858b4495d73796889d9f28f 100644
--- a/include/front-controller.php
+++ b/include/front-controller.php
@@ -197,36 +197,38 @@ Flight::route('POST /submit-x509-name', function() {
 
 Flight::route('GET /tou-check', function() {
 
-    startSession();
-    global $session, $BASE_PATH, $VERSION;
+    session_start();
+    global $locator;
 
-    if ($session->userToLogin === null) {
+    if ($locator->getSession()->userToLogin === null) {
         die("User data not retrieved.");
     } else {
         Flight::render('tou-check.php', array('title' => 'Terms of Use acceptance',
-            'user' => $session->userToLogin,
-            'version' => $VERSION,
-            'registration_url' => $BASE_PATH . '/register'));
+            'user' => $locator->getSession()->userToLogin,
+            'version' => $locator->getVersion(),
+            'registration_url' => $locator->getBasePath() . '/register'));
     }
 });
 
 Flight::route('GET /register', function() {
 
-    startSession();
-    global $session, $userHandler, $auditLog, $callbackHandler;
+    session_start();
+    global $locator;
 
-    if ($session->userToLogin === null) {
+    if ($locator->getSession()->userToLogin === null) {
         die("User data not retrieved.");
     } else {
 
+        $session = $locator->getSession();
+        
         $user = $session->userToLogin;
-        $userHandler->saveUser($user);
+        $locator->getUserHandler()->saveUser($user);
 
         $session->userToLogin = null;
         $session->save();
 
-        $auditLog->info("LOGIN," . $user->identities[0]->type . "," . $user->id);
-        $callbackHandler->manageLoginRedirect($user, $session);
+        $locator->getAuditLogger()->info("LOGIN," . $user->identities[0]->type . "," . $user->id);
+        $locator->getCallbackHandler()->manageLoginRedirect($user, $session);
     }
 });
 
diff --git a/sql/setup-database.sql b/sql/setup-database.sql
index a390e5a521568c6804c5fda198a4c9e0da19a691..62ae410fef26814bbdaad96aab9cc04244b6824a 100644
--- a/sql/setup-database.sql
+++ b/sql/setup-database.sql
@@ -12,7 +12,7 @@ CREATE TABLE `oauth2_client` (
 
 CREATE TABLE `oauth2_client_auth_methods` (
   `client_id` int NOT NULL,
-  `auth_method` varchar(255) NOT NULL,
+  `auth_method` varchar(50) NOT NULL,
   PRIMARY KEY (`client_id`, `auth_method`),
   FOREIGN KEY (`client_id`) REFERENCES `oauth2_client`(`id`)
 );
@@ -67,7 +67,7 @@ CREATE TABLE `join_request` (
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
 
 CREATE TABLE `rsa_keypairs` (
-  `id` varchar(255) NOT NULL,
+  `id` varchar(50) NOT NULL,
   `public_key` text,
   `private_key` text,
   `alg` varchar(255),