diff --git a/common/components/oauth/Component.php b/common/components/oauth/Component.php
index 9844817..6bd3091 100644
--- a/common/components/oauth/Component.php
+++ b/common/components/oauth/Component.php
@@ -7,7 +7,10 @@ use common\components\oauth\Storage\Yii2\AccessTokenStorage;
 use common\components\oauth\Storage\Yii2\ClientStorage;
 use common\components\oauth\Storage\Yii2\ScopeStorage;
 use common\components\oauth\Storage\Yii2\SessionStorage;
+use common\components\oauth\Util\KeyAlgorithm\UuidAlgorithm;
 use League\OAuth2\Server\AuthorizationServer;
+use League\OAuth2\Server\Grant;
+use League\OAuth2\Server\Util\SecureKey;
 use yii\base\InvalidConfigException;
 /**
@@ -29,10 +32,10 @@ class Component extends \yii\base\Component {
 * @var array grant type => class
 */
 public $grantMap = [
- 'authorization_code' => 'League\OAuth2\Server\Grant\AuthCodeGrant',
- 'client_credentials' => 'League\OAuth2\Server\Grant\ClientCredentialsGrant',
- 'password' => 'League\OAuth2\Server\Grant\PasswordGrant',
- 'refresh_token' => 'League\OAuth2\Server\Grant\RefreshTokenGrant'
+ 'authorization_code' => Grant\AuthCodeGrant::class,
+ 'client_credentials' => Grant\ClientCredentialsGrant::class,
+ 'password' => Grant\PasswordGrant::class,
+ 'refresh_token' => Grant\RefreshTokenGrant::class,
 ];
 public function getAuthServer() {
@@ -57,6 +60,8 @@ class Component extends \yii\base\Component {
 $grant = new $this->grantMap[$grantType]();
 $this->_authServer->addGrantType($grant);
 }
+
+ SecureKey::setAlgorithm(new UuidAlgorithm());
 }
 return $this->_authServer;
diff --git a/common/components/oauth/Util/KeyAlgorithm/UuidAlgorithm.php b/common/components/oauth/Util/KeyAlgorithm/UuidAlgorithm.php
new file mode 100644
index 0000000..09f96e7
--- /dev/null
+++ b/common/components/oauth/Util/KeyAlgorithm/UuidAlgorithm.php
@@ -0,0 +1,17 @@
+toString();
+ }
+
+}
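Review bot: `SecureKey::setAlgorithm(new UuidAlgorithm())` replaces the library's key generator, so authorization codes (the test regex change confirms they now contain hyphens) and presumably access and refresh tokens become UUID strings, and nothing visible says how those UUIDs are produced. The body of UuidAlgorithm.php did not survive on this page beyond `->toString()`, so confirm it is a version 4 UUID drawn from a CSPRNG; time-based versions are predictable, and even v4 carries only 122 random bits, under the 2^-128 guessing bound RFC 6749 section 10.10 sets for tokens. If no consumer requires the UUID shape, keeping the default generator is the safer choice; otherwise add a comment at the call, e.g. `// bearer secrets: UuidAlgorithm must stay UUIDv4 backed by a CSPRNG`. The setter is static, so it changes key generation process-wide rather than for this server instance only, and getAuthServer() begins and ends outside the hunk.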
diff --git a/tests/codeception/api/functional/_steps/OauthSteps.php b/tests/codeception/api/functional/_steps/OauthSteps.php
index 802c779..000bc88 100644
--- a/tests/codeception/api/functional/_steps/OauthSteps.php
+++ b/tests/codeception/api/functional/_steps/OauthSteps.php
@@ -17,7 +17,7 @@ class OauthSteps extends \tests\codeception\api\FunctionalTester {
 ], ['accept' => true]);
 $this->canSeeResponseJsonMatchesJsonPath('$.redirectUri');
 $response = json_decode($this->grabResponse(), true);
- preg_match('/code=(\w+)/', $response['redirectUri'], $matches);
+ preg_match('/code=([\w-]+)/', $response['redirectUri'], $matches);
 return $matches[1];
 }
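Review bot: The capture group had to be widened to `[\w-]+` only because this step extracts the code with a regex tied to the token alphabet, and `$matches[1]` is still returned without checking that `preg_match` actually matched. Parsing the redirect URI avoids both problems: `parse_str((string) parse_url($response['redirectUri'], PHP_URL_QUERY), $query);` followed by `return $query['code'];`, ideally after asserting that the key is present so a missing code fails with a clear message. This assumes the code is delivered in the query string, as the existing pattern suggests. The step method starts outside the hunk.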