diff -ur oidc_provider.orig/lib/utils/common.py oidc_provider/lib/utils/common.py
--- oidc_provider.orig/lib/utils/common.py	2020-05-22 15:09:21.009044320 +0200
+++ oidc_provider/lib/utils/common.py	2020-06-04 16:00:12.049562502 +0200
@@ -19,6 +19,7 @@
     """
     response = HttpResponse('', status=302)
     response['Location'] = uri
+    response.url = uri
     return response
 
 
--- oidc_provider.orig/lib/utils/oauth2.py	2020-05-22 15:09:21.009044320 +0200
+++ oidc_provider/lib/utils/oauth2.py	2020-06-05 17:05:23.271285858 +0200
@@ -21,10 +21,14 @@
     """
     auth_header = request.META.get('HTTP_AUTHORIZATION', '')
 
-    if re.compile('^[Bb]earer\s{1}.+$').match(auth_header):
+    if re.compile(r'^[Bb]earer\s{1}.+$').match(auth_header):
         access_token = auth_header.split()[1]
-    else:
+    elif request.method == 'GET':
         access_token = request.GET.get('access_token', '')
+    elif request.method == 'POST':
+        access_token = request.POST.get('access_token', '')
+    else:
+        access_token = ''
 
     return access_token
 
@@ -39,7 +43,7 @@
     """
     auth_header = request.META.get('HTTP_AUTHORIZATION', '')
 
-    if re.compile('^Basic\s{1}.+$').match(auth_header):
+    if re.compile(r'^Basic\s{1}.+$').match(auth_header):
         b64_user_pass = auth_header.split()[1]
         try:
             user_pass = b64decode(b64_user_pass).decode('utf-8').split(':')