diff --git a/example/webpack/webpack.config.js b/example/webpack/webpack.config.js
index 4602a0061..5cf771880 100644
--- a/example/webpack/webpack.config.js
+++ b/example/webpack/webpack.config.js
@@ -15,17 +15,11 @@ module.exports = {
       net: false,
       tls: false,
       dns: false,
-      zlib: false,
       stream: require.resolve('stream-browserify'),
-      events: require.resolve('events/'),
-      buffer: require.resolve('buffer/'),
-      url: require.resolve('url/'),
       http: require.resolve('stream-http'),
       https: require.resolve('https-browserify'),
-      crypto: require.resolve('crypto-browserify'),
       querystring: require.resolve('querystring-es3'),
-      os: require.resolve('os-browserify/browser'),
-      assert: require.resolve('assert/')
+      os: require.resolve('os-browserify/browser')
     }
   },
   module: {
diff --git a/megalodon/package.json b/megalodon/package.json
index 3125df7fa..1836af427 100644
--- a/megalodon/package.json
+++ b/megalodon/package.json
@@ -60,13 +60,12 @@
   },
   "homepage": "https://github.com/h3poteto/megalodon#readme",
   "dependencies": {
-    "@types/oauth": "^0.9.2",
+    "@badgateway/oauth2-client": "^2.2.4",
     "@types/ws": "^8.5.5",
     "axios": "1.5.1",
     "dayjs": "^1.11.10",
     "form-data": "^4.0.0",
     "https-proxy-agent": "^7.0.2",
-    "oauth": "^0.10.0",
     "object-assign-deep": "^0.4.0",
     "parse-link-header": "^2.0.0",
     "socks-proxy-agent": "^8.0.2",
diff --git a/megalodon/src/friendica.ts b/megalodon/src/friendica.ts
index 9128da746..dd253b610 100644
--- a/megalodon/src/friendica.ts
+++ b/megalodon/src/friendica.ts
@@ -1,4 +1,4 @@
-import { OAuth2 } from 'oauth'
+import { OAuth2Client } from '@badgateway/oauth2-client'
 import FormData from 'form-data'
 import parseLinkHeader from 'parse-link-header'
 
@@ -113,12 +113,16 @@ export default class Friendica implements MegalodonInterface {
     const scope = options.scope || DEFAULT_SCOPE
     const redirect_uri = options.redirect_uri || NO_REDIRECT
     return new Promise(resolve => {
-      const oauth = new OAuth2(clientId, clientSecret, this.baseUrl, undefined, '/oauth/token')
-      const url = oauth.getAuthorizeUrl({
-        redirect_uri: redirect_uri,
-        response_type: 'code',
-        client_id: clientId,
-        scope: scope.join(' ')
+      const oauthClient = new OAuth2Client({
+        server: this.baseUrl,
+        clientId: clientId,
+        clientSecret: clientSecret,
+        tokenEndpoint: '/oauth/token',
+        authorizationEndpoint: '/oauth/authorize'
+      })
+      const url = oauthClient.authorizationCode.getAuthorizeUri({
+        redirectUri: redirect_uri,
+        scope: scope
       })
       resolve(url)
     })
diff --git a/megalodon/src/mastodon.ts b/megalodon/src/mastodon.ts
index c60fa17b7..412ab64a7 100644
--- a/megalodon/src/mastodon.ts
+++ b/megalodon/src/mastodon.ts
@@ -1,4 +1,4 @@
-import { OAuth2 } from 'oauth'
+import { OAuth2Client } from '@badgateway/oauth2-client'
 import FormData from 'form-data'
 import parseLinkHeader from 'parse-link-header'
 
@@ -114,12 +114,16 @@ export default class Mastodon implements MegalodonInterface {
     const scope = options.scope || DEFAULT_SCOPE
     const redirect_uri = options.redirect_uri || NO_REDIRECT
     return new Promise(resolve => {
-      const oauth = new OAuth2(clientId, clientSecret, this.baseUrl, undefined, '/oauth/token')
-      const url = oauth.getAuthorizeUrl({
-        redirect_uri: redirect_uri,
-        response_type: 'code',
-        client_id: clientId,
-        scope: scope.join(' ')
+      const oauthClient = new OAuth2Client({
+        server: this.baseUrl,
+        clientId: clientId,
+        clientSecret: clientSecret,
+        tokenEndpoint: '/oauth/token',
+        authorizationEndpoint: '/oauth/authorize'
+      })
+      const url = oauthClient.authorizationCode.getAuthorizeUri({
+        redirectUri: redirect_uri,
+        scope: scope
       })
       resolve(url)
     })
diff --git a/megalodon/src/pleroma.ts b/megalodon/src/pleroma.ts
index d0ad245cf..dc3d328c0 100644
--- a/megalodon/src/pleroma.ts
+++ b/megalodon/src/pleroma.ts
@@ -1,4 +1,4 @@
-import { OAuth2 } from 'oauth'
+import { OAuth2Client } from '@badgateway/oauth2-client'
 import FormData from 'form-data'
 
 import PleromaAPI from './pleroma/api_client'
@@ -113,12 +113,16 @@ export default class Pleroma implements MegalodonInterface {
     const scope = options.scope || DEFAULT_SCOPE
     const redirect_uri = options.redirect_uri || NO_REDIRECT
     return new Promise(resolve => {
-      const oauth = new OAuth2(clientId, clientSecret, this.baseUrl, undefined, '/oauth/token')
-      const url = oauth.getAuthorizeUrl({
-        redirect_uri: redirect_uri,
-        response_type: 'code',
-        client_id: clientId,
-        scope: scope.join(' ')
+      const oauthClient = new OAuth2Client({
+        server: this.baseUrl,
+        clientId: clientId,
+        clientSecret: clientSecret,
+        tokenEndpoint: '/oauth/token',
+        authorizationEndpoint: '/oauth/authorize'
+      })
+      const url = oauthClient.authorizationCode.getAuthorizeUri({
+        redirectUri: redirect_uri,
+        scope: scope
       })
       resolve(url)
     })
diff --git a/yarn.lock b/yarn.lock
index a787618e2..e5f9a6ac2 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -549,6 +549,11 @@
     lodash "^4.17.13"
     to-fast-properties "^2.0.0"
 
+"@badgateway/oauth2-client@^2.2.4":
+  version "2.2.4"
+  resolved "https://registry.yarnpkg.com/@badgateway/oauth2-client/-/oauth2-client-2.2.4.tgz#6401b1d71f06944a320cfacd4285acbb54788d9d"
+  integrity sha512-R9MJWnf9gT5a38hNmAN4CFBB9yshvEVNYPb9iPgX7JIUAaqHjl3csivDcJESH3riRJMFVOEOqV4BsjamyYbsBg==
+
 "@bcoe/v8-coverage@^0.2.3":
   version "0.2.3"
   resolved "https://registry.yarnpkg.com/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz#75a2e8b51cb758a7553d6804a5932d7aace75c39"
@@ -1178,13 +1183,6 @@
   resolved "https://registry.yarnpkg.com/@types/node/-/node-20.8.2.tgz#d76fb80d87d0d8abfe334fc6d292e83e5524efc4"
   integrity sha512-Vvycsc9FQdwhxE3y3DzeIxuEJbWGDsnrxvMADzTDF/lcdR9/K+AQIeAghTQsHtotg/q0j3WEOYS/jQgSdWue3w==
 
-"@types/oauth@^0.9.2":
-  version "0.9.2"
-  resolved "https://registry.yarnpkg.com/@types/oauth/-/oauth-0.9.2.tgz#846f11d732deadff4303228d81f07a7b377df287"
-  integrity sha512-Nu3/abQ6yR9VlsCdX3aiGsWFkj6OJvJqDvg/36t8Gwf2mFXdBZXPDN3K+2yfeA6Lo2m1Q12F8Qil9TZ48nWhOQ==
-  dependencies:
-    "@types/node" "*"
-
 "@types/object-assign-deep@^0.4.1":
   version "0.4.1"
   resolved "https://registry.yarnpkg.com/@types/object-assign-deep/-/object-assign-deep-0.4.1.tgz#6bb3c9f81ab6ee8af09276fded7b231b85ea406f"
@@ -4060,11 +4058,6 @@ npm-run-path@^5.1.0:
   dependencies:
     path-key "^4.0.0"
 
-oauth@^0.10.0:
-  version "0.10.0"
-  resolved "https://registry.yarnpkg.com/oauth/-/oauth-0.10.0.tgz#3551c4c9b95c53ea437e1e21e46b649482339c58"
-  integrity sha512-1orQ9MT1vHFGQxhuy7E/0gECD3fd2fCC+PIX+/jgmU/gI3EpRocXtmtvxCO5x3WZ443FLTLFWNDjl5MPJf9u+Q==
-
 object-assign-deep@^0.4.0:
   version "0.4.0"
   resolved "https://registry.yarnpkg.com/object-assign-deep/-/object-assign-deep-0.4.0.tgz#43505d3679abb9686ab359b97ac14cc837a9d143"