chaintope · rantan · Nov 22, 2022 · Jul 18, 2022 · Jul 25, 2022 · Oct 24, 2022
diff --git a/javascript/GettingStarted-ja.md b/javascript/GettingStarted-ja.md
diff --git a/javascript/README.md b/javascript/README.md
@@ -29,4 +29,10 @@ let accsessToken = "ya29.a0AfH6SMCCXiqb-VmA6XMquR.....";
 
 ```
 $ node addresses.js
+```
+
+If you use self-signed client certificate, set flag `NODE_TLS_REJECT_UNAUTHORIZED` to 0
+
+```
+NODE_TLS_REJECT_UNAUTHORIZED='0' node index.js
 ```
diff --git a/javascript/addresses.js b/javascript/addresses.js
@@ -1,4 +1,7 @@
 let TapyrusApi = require('tapyrus_api');
+const https = require('node:https');
+const http = require('node:http');
+const fs = require('node:fs');
 
 let accsessToken = "";
 let defaultClient = TapyrusApi.ApiClient.instance;
@@ -7,6 +10,15 @@ defaultClient.defaultHeaders = { Authorization: `Bearer ${accsessToken}` }
 // You can change the host name and port number
 // defaultClient.basePath = 'http://localhost:3000/api/v1'
 
+// Client certificate
+if (fs.existsSync('user.pfx')) {
+  const options = {
+    pfx: fs.readFileSync('user.p12'),
+    passphrase: '1234'
+  };
+  httpsAgent = new https.Agent(options);
+  defaultClient.requestAgent = httpsAgent;
+}
 
 // @route   POST /api/v1/addresses 
 // @desc    Generate new Address

diff --git a/javascript/example-app/index.js b/javascript/example-app/index.js
@@ -1,36 +1,75 @@
 const express = require('express');
+const crypto = require('crypto');
 const app = express();
 app.use(express.urlencoded({extended: true}));
+
 const port = 3000;
+const tapyrusApiHost = 'https://testnet-api.tapyrus.chaintope.com';
 
-const {Issuer, generators} = require('openid-client');
-const code_verifier = generators.codeVerifier();
+const { AuthorizationCode } = require('simple-oauth2');
+const https = require('node:https');
+const http = require('node:http');
+const fs = require('node:fs');
 
 const TapyrusApi = require('tapyrus_api');
 const defaultClient = TapyrusApi.ApiClient.instance;
-defaultClient.basePath = 'https://testnet-api.tapyrus.chaintope.com/api/v1';
+defaultClient.basePath = `${tapyrusApiHost}/api/v1`;
 
-// OpenID Connect client credentials. Modify for your own environment.
-const issuer = '';
+// OAuth2 Client credentials. Modify for your own environment.
 const client_id = '';
-const client_secret = '';
+const client_secret = 'dummy';
+
+let config = null;
+// Client certificate
+if (fs.existsSync('user.p12')) {
+  const options = {
+    pfx: fs.readFileSync('user.p12'),
+    passphrase: '1234'
+  };
+  httpsAgent = new https.Agent(options);
+  httpAgent = new http.Agent(options);
+  defaultClient.requestAgent = httpsAgent;
+  config = {
+    client: {
+      id: client_id,
+      secret: client_secret
+    },
+    auth: {
+      tokenHost: tapyrusApiHost,
+      tokenPath: 'oauth2/v1/token',
+      authorizeHost: tapyrusApiHost,
+      authorizePath: 'oauth2/v1/authorize'
+    },
+    http: {
+      agents: {
+        https: httpsAgent,
+        http: httpAgent,
+        httpsAllowUnauthorized: httpsAgent
+      }
+    }
+  };
+} else {
+  config = {
+    client: {
+      id: client_id,
+      secret: client_secret
+    },
+    auth: {
+      tokenHost: tapyrusApiHost,
+      tokenPath: 'oauth2/v1/token',
+      authorizeHost: tapyrusApiHost,
+      authorizePath: 'oauth2/v1/authorize'
+    }
+  };
+}
+
 
-let googleIssuer;
-let oidcClient;
+
+let client;
 let accessToken;
 
 app.listen(port, async () => {
   console.log(`Example app listening at http://localhost:${port}`)
-
-  googleIssuer = await Issuer.discover(issuer);
-  oidcClient = new googleIssuer.Client({
-    client_id,
-    client_secret,
-    redirect_uris: [`http://localhost:${port}/cb`],
-    response_types: ['code'],
-  });
-
-  console.log('oidc client ready');
 })
 
 app.get('/', async (req, res) => {
@@ -76,32 +115,21 @@ app.get('/', async (req, res) => {
 });
 
 app.get('/authorize', async (req, res) => {
-  const code_challenge = generators.codeChallenge(code_verifier);
-
-  let authorizationUrl = oidcClient.authorizationUrl({
-    scope: 'openid email profile',
-    code_challenge,
-    code_challenge_method: 'S256',
+  client = new AuthorizationCode(config);
+  const state = crypto.randomBytes(16).toString('base64').substring(0, 16);
+  const authorizationUri = client.authorizeURL({
+    redirect_uri: `http://localhost:${port}/cb`,
+    scope: 'openid profile',
+    state
   });
-
-  res.redirect(authorizationUrl);
+  res.redirect(authorizationUri);
 });
 
 app.get('/cb', async (req, res) => {
-  const params = oidcClient.callbackParams(req);
-  const tokenSet = await oidcClient.callback(`http://localhost:${port}/cb`, params, {code_verifier})
-
-  const userApi = new TapyrusApi.UserApi();
-  userApi.createUser({id_token: tokenSet.id_token, issuer, client_id, access_token: tokenSet.access_token}, (error) => {
-    if (error) {
-      console.error(error);
-    } else {
-      accessToken = tokenSet.access_token;
-      TapyrusApi.ApiClient.instance.defaultHeaders = {Authorization: `Bearer ${accessToken}`}
-    }
-
-    res.redirect('/');
-  });
+  response = await client.getToken({ code: req.query.code });
+  accessToken = response.token['access_token'];
+  defaultClient.defaultHeaders = {Authorization: `Bearer ${accessToken}`};
+  res.redirect('/');
 });
 
 app.post('/create_address', (req, res) => {