diff --git a/pom.xml b/pom.xml
index cd1d6bb..4fc723a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -11,10 +11,22 @@
 
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-        <keycloak.version>23.0.6</keycloak.version>
+        <keycloak.version>24.0.1</keycloak.version>
     </properties>
 
     <dependencies>
+        <dependency>
+            <groupId>commons-codec</groupId>
+            <artifactId>commons-codec</artifactId>
+            <version>1.16.1</version>
+        </dependency>
+
+        <dependency>
+            <groupId>com.google.guava</groupId>
+            <artifactId>guava</artifactId>
+            <version>33.0.0-jre</version>
+        </dependency>
+
         <dependency>
             <groupId>org.keycloak</groupId>
             <artifactId>keycloak-core</artifactId>
@@ -79,7 +91,7 @@
         <dependency>
             <groupId>org.junit.jupiter</groupId>
             <artifactId>junit-jupiter-api</artifactId>
-            <version>5.9.3</version>
+            <version>5.10.2</version>
             <scope>test</scope>
         </dependency>
     </dependencies>
diff --git a/src/main/java/com/instipod/duouniversal/DuoUniversalAuthenticator.java b/src/main/java/com/instipod/duouniversal/DuoUniversalAuthenticator.java
index ec0fb69..b5aa010 100755
--- a/src/main/java/com/instipod/duouniversal/DuoUniversalAuthenticator.java
+++ b/src/main/java/com/instipod/duouniversal/DuoUniversalAuthenticator.java
@@ -42,17 +42,13 @@ private String getRedirectUrl(AuthenticationFlowContext context, Boolean forceTo
             sessionCode = context.generateAccessCode();
         }
 
-        String baseUrl = context.getHttpRequest().getUri().getBaseUri().toString();
-        baseUrl += "realms/" + URLEncoder.encode(context.getRealm().getName(), StandardCharsets.UTF_8) +
-                "/duo-universal/callback";
-        baseUrl += "?kc_client_id=" +
-                URLEncoder.encode(context.getAuthenticationSession().getClient().getClientId(), StandardCharsets.UTF_8);
-        baseUrl += "&kc_execution=" + URLEncoder.encode(context.getExecution().getId(), StandardCharsets.UTF_8);
-        baseUrl += "&kc_tab_id=" +
-                URLEncoder.encode(context.getAuthenticationSession().getTabId(), StandardCharsets.UTF_8);
-        baseUrl += "&kc_session_code=" + URLEncoder.encode(sessionCode, StandardCharsets.UTF_8);
-
-        return baseUrl;
+        return context.getHttpRequest().getUri().getBaseUri().toString().replaceAll("/+$", "") +
+                "/realms/" + URLEncoder.encode(context.getRealm().getName(), StandardCharsets.UTF_8) +
+                "/duo-universal/callback" +
+                "?kc_client_id=" + URLEncoder.encode(context.getAuthenticationSession().getClient().getClientId(), StandardCharsets.UTF_8) +
+                "&kc_execution=" + URLEncoder.encode(context.getExecution().getId(), StandardCharsets.UTF_8) +
+                "&kc_tab_id=" + URLEncoder.encode(context.getAuthenticationSession().getTabId(), StandardCharsets.UTF_8) +
+                "&kc_session_code=" + URLEncoder.encode(sessionCode, StandardCharsets.UTF_8);
     }
 
     private Client initDuoClient(AuthenticationFlowContext context, String redirectUrl) throws DuoException {
@@ -64,7 +60,7 @@ private Client initDuoClient(AuthenticationFlowContext context, String redirectU
         String overrides = authConfig.getConfig().get(DuoUniversalAuthenticatorFactory.DUO_CUSTOM_CLIENT_IDS);
 
         if (overrides != null && !overrides.equalsIgnoreCase("")) {
-            // multivalue string seperator is ##
+            // multivalue string separator is ##
             String[] overridesSplit = overrides.split("##");
 
             for (String override : overridesSplit) {