When creating a library that has to validate ID tokens according to the OpenID specification, it is useful to include some tests that check if the signature validation is working properly. Here are some samples that may help you do this:
.well-known/openid-configuration
endpoint{
"issuer": "http://localhost:8080",
"token_endpoint": "http://localhost:8080/token",
"authorization_endpoint": "http://localhost:8080/authorize",
"userinfo_endpoint": "http://localhost:8080/userinfo",
"token_endpoint_auth_methods_supported": ["none"],
"jwks_uri": "http://localhost:8080/jwks",
"response_types_supported": ["code"],
"grant_types_supported": [
"client_credentials",
"authorization_code",
"password"
],
"token_endpoint_auth_signing_alg_values_supported": ["RS256"],
"response_modes_supported": ["query"],
"id_token_signing_alg_values_supported": ["RS256"],
"revocation_endpoint": "http://localhost:8080/revoke",
"subject_types_supported": ["public"],
"end_session_endpoint": "http://localhost:8080/endsession",
"introspection_endpoint": "http://localhost:8080/introspect"
}
{
"keys": [
{
"kty": "RSA",
"n": "wFTZ6hX5HBOg3McPxoKA175wcOP82iiq-JkehT5Wl1Zt8Ljak9BgUoxoMteMTlY5b-NUemaTZhZ-EO2H9jEzUT6bESnsn6AexuoTFiENxcc5gtYWsQEfhB4G1DuDhG5szuqcM2sDjAonduZ6M4Nen-41vbsC_jwhX9uuEJ3jBtmjJUohO1it-spx4Iz50kE2iarY4a-lDo3KJgH8kYLvK-IIZhNV2lNihxuiADLjsELgGJrxvg6hskYrTDcZJ-cOCo9POtq6GxSR7zRFAWN0DRpk9jT65GxFDv5b6uBqZ3m-31iRNsftT-JnL5KzDW4tHkAvedWdqfyjD8fGkloo8w",
"e": "AQAB",
"kid": "192363785517f3280776d2868fe4b42063b15fe2bcd578154f1a20277c04f08186840468eeb7d723",
"alg": "RS256"
}
]
}
{
"token_type": "Bearer",
"expires_in": 3600,
"access_token": "eyJraWQiOiIxOTIzNjM3ODU1MTdmMzI4MDc3NmQyODY4ZmU0YjQyMDYzYjE1ZmUyYmNkNTc4MTU0ZjFhMjAyNzdjMDRmMDgxODY4NDA0NjhlZWI3ZDcyMyIsInR5cCI6IkpXVCIsImFsZyI6IlJTMjU2In0.eyJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwODAiLCJpYXQiOjE2NjIzNjQzNDEsImV4cCI6MTY2MjM2Nzk0MSwibmJmIjoxNjYyMzY0MzMxLCJzdWIiOiJqb2huZG9lIiwiYW1yIjpbInB3ZCJdLCJzY29wZSI6ImR1bW15In0.ZDp8wT-JFoFjzdgRWsDV0hSCLkm7fSnDU4wLLu-srR5EuFX44BRlFVezgfXm9NMQUVJnJepUt4fjfOML1W8e5CreTcGyuNO0CFyKWaApQms-26IwxayLOV81cR81DZ1JzzZW3pFaFO3VMD_f5BlGLj8hryTjmK0G6WW-HY53gXobGc7ACYQBrYR0m7c0JdoQIoepdN2fvCgryjCpWFO5e6s_pV-tu4OVR6YupCxb9HU8XC8-wuGGFBjB21bo0U61lmsbyxl35f82Y8kyxYbDtyyvjld3nwUO_QrxyBvdyufakTZnoY8ShpGtWtwofLPSP4_vb6WILX6wCRQekh4hUA",
"scope": "dummy",
"id_token": "eyJraWQiOiIxOTIzNjM3ODU1MTdmMzI4MDc3NmQyODY4ZmU0YjQyMDYzYjE1ZmUyYmNkNTc4MTU0ZjFhMjAyNzdjMDRmMDgxODY4NDA0NjhlZWI3ZDcyMyIsInR5cCI6IkpXVCIsImFsZyI6IlJTMjU2In0.eyJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwODAiLCJpYXQiOjE2NjIzNjQzNDEsImV4cCI6MTY2MjM2Nzk0MSwibmJmIjoxNjYyMzY0MzMxLCJzdWIiOiJqb2huZG9lIiwiYXVkIjoiZm9vIn0.jjGKN2AK8-gSysblsXCw5nCvcdzZBtBN2kQRxe9w157Oo7oYcFx00sAlyUI4585htwxphnd1LwWQWV15103c6OSon2nD_CwcUUzqPJj4TVh2XnX_C4-BrwpJvsQJXcAL6g9yX-YAyxz6FaMc8SOdVUULLjldQUOSqSQ42YlNxaZN1xdYTyPElCtg8nPksRYTM6FZy_39tGAHZgz8_vuSk13WSGG5xYqSzlagQDoE-QwH9blXLcVHxpZlFBnXRG68samqno6yigFfNz8XtrGaPDP22oxXTCA_YlzZZivMNB3FwXdczZw_tO3CRYm6YgUrPstNBOb7_45Uud0WHwBcCA"
}