diff --git a/app.py b/app.py
index 878f4518b40524ec4f77b8a4ae422fad1bb240f5..de0a89c6ed9f2408fabd4cee65d2d48264c061e9 100644
--- a/app.py
+++ b/app.py
@@ -14,9 +14,10 @@ def create_app(test_config=None):
 else:
 app.config.from_mapping(test_config)
 # oauthlib enforces the OAuth2.0 requirement to use HTTPS, when this is not set
- os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1' # That behaviour sucks, so disable it
+ if app.debug:
+ os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1'
- @app.route("/auth")
+ @app.route('/auth')
 def auth():
 if not session.get('user_id'):
 abort(401)
@@ -33,7 +34,7 @@ def create_app(test_config=None):
 return OAuth2Session(request.headers['X-CLIENT-ID'], redirect_uri=request.headers['X-REDIRECT-URI'], **kwargs)
- @app.route("/login")
+ @app.route('/login')
 def login():
 client = get_oauth()
 url, state = client.authorization_url(app.config['OAUTH2_AUTH_URL'])
@@ -45,10 +46,10 @@ def create_app(test_config=None):
 session['url'] = request.values.get('url', '/')
 return redirect(url)
- @app.route("/callback")
+ @app.route('/callback')
 def callback():
 client = get_oauth(state=session.pop('state'))
- token = client.fetch_token(app.config['OAUTH2_TOKEN_URL'],
+ client.fetch_token(app.config['OAUTH2_TOKEN_URL'],
 client_secret=request.headers['X-CLIENT-SECRET'], authorization_response=request.url, verify=(not app.debug))
 userinfo = client.get(app.config['OAUTH2_USERINFO_URL']).json()
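Review bot: The `OAUTHLIB_INSECURE_TRANSPORT` toggle under the new `if app.debug:` branch is process-wide and is only ever set, never cleared, so an instance started with debug off still runs with plain-HTTP OAuth if the variable is already present in the inherited environment (a leftover from a dev shell or a container definition). Adding `else: os.environ.pop('OAUTHLIB_INSECURE_TRANSPORT', None)` makes the non-debug path authoritative instead of dependent on whoever launched the process. The comment above the branch still reads as if the override were unconditional; suggest `# oauthlib refuses non-HTTPS redirect URIs; only relax that in debug mode` in its place. create_app continues outside the hunk.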
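Review bot: `session.pop('state')` on the new side raises a bare `KeyError` when /callback is reached without a preceding /login (expired or cleared session cookie, or the callback URL opened directly), which surfaces as a 500 rather than a client error; `session.pop('url')` further down the function has the same shape. Prefer `state = session.pop('state', None)` / `if state is None: abort(400)` / `client = get_oauth(state=state)`, so a missing state is rejected explicitly and requests-oauthlib still has a value to compare against the callback's `state` parameter. Also worth a comment even though this commit does not touch it: `verify=(not app.debug)` sends `X-CLIENT-SECRET` to the token endpoint without certificate verification whenever debug is on, which is the same trade-off as the `OAUTHLIB_INSECURE_TRANSPORT` change in the first hunk and should be stated next to it. callback's body continues outside the hunk.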
@@ -60,27 +61,27 @@ def create_app(test_config=None):
 session['user_groups'] = userinfo['groups']
 return redirect(session.pop('url'))
- @app.route("/logout")
+ @app.route('/logout')
 def logout():
 session.clear()
 resp = Response('Ok', 200)
 if request.values.get('redirect_url'):
 resp = redirect(request.values.get('redirect_url'))
 if request.values.get('clear_cookies'):
- for key, data in request.cookies.items():
+ for key, _ in request.cookies.items():
 resp.delete_cookie(key)
 return resp
- @app.route("/status")
+ @app.route('/status')
 def status():
- resp = Response('''Proxy Configuration Status
+ resp = Response(f'''Proxy Configuration Status
 For this proxy service to work properly, the OAuth client crendentials must be injected in by the webserver as HTTP-headers:
-X-CLIENT-ID: %s
-X-CLIENT-SECRET: %s
-X-REDIRECT-URI: %s
+X-CLIENT-ID: {request.headers.get('X-CLIENT-ID', '(unset)')}
+X-CLIENT-SECRET: {'(set)' if request.headers.get('X-CLIENT-SECRET') else '(unset)'}
+X-REDIRECT-URI: {request.headers.get('X-REDIRECT-URI', '(unset)')}
 If you accessed this ressource with the URL
@@ -92,9 +93,7 @@ then the redirect URI must be set to:
 This exact redirect URI must also be registered with the OAuth server as a valid redirect_uri for the client_id.
-'''%(request.headers.get('X-CLIENT-ID', '(unset)'),
- '(set)' if request.headers.get('X-CLIENT-SECRET') else '(unset)',
- request.headers.get('X-REDIRECT-URI', '(unset)')))
+''')
 resp.mimetype = 'text/plain; charset=utf-8'
 return resp
diff --git a/pytest.ini b/pytest.ini
new file mode 100644
index 0000000000000000000000000000000000000000..e2ab1b22e4922257c05313e9988e0d8870aaae87
--- /dev/null
+++ b/pytest.ini
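Review bot: `resp = redirect(request.values.get('redirect_url'))` in logout redirects to any caller-supplied URL, so /logout is an open redirect; the `url` parameter that /login stores (`session['url'] = request.values.get('url', '/')`, in the hunk above) and that `return redirect(session.pop('url'))` at the top of this hunk consumes has the same property. A minimal fix is to accept only local paths, e.g. `target = request.values.get('redirect_url', '')` / `if target.startswith('/') and not target.startswith('//'): resp = redirect(target)`, and an allowlist of permitted hosts taken from app.config is more robust if external targets are genuinely needed. Separately, the rewritten loop `for key, _ in request.cookies.items():` only uses the key; `for key in request.cookies:` expresses that without the throwaway tuple.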
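Review bot: `resp.mimetype = 'text/plain; charset=utf-8'` hands a full Content-Type value to a setter that expects the bare media type; werkzeug appends the charset parameter for `text/*` types itself, so depending on the werkzeug version the header may carry `charset` twice. `resp.mimetype = 'text/plain'` (or assigning the full value to `resp.content_type` instead) avoids the ambiguity. The unchanged status text also has two typos in user-facing output, `crendentials` and `ressource`. status's body starts outside the hunk.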
@@ -0,0 +1,5 @@
+[pytest]
+filterwarnings =
+ # DeprecationWarning from dependencies that we use
+ ignore:Using or importing the ABCs from 'collections' instead of from 'collections.abc' is deprecated since Python 3.3, and in 3.10 it will stop working:DeprecationWarning
+ ignore:Please switch to the public method populate_token_attributes.:DeprecationWarning
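Review bot: The first `ignore:` filter silences a warning whose own text says the import stops working in Python 3.10, so it hides a dependency upgrade that the next interpreter bump will force rather than a cosmetic nuisance. Naming the offending package and the removal condition in the comment, e.g. `# DeprecationWarning from dependencies that we use (TODO: <package>; drop once fixed upstream or before moving to 3.10)`, keeps the suppression actionable.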