diff --git a/spring-security-openid/src/main/java/org/baeldung/security/OpenIdConnectFilter.java b/spring-security-openid/src/main/java/org/baeldung/security/OpenIdConnectFilter.java
index c0970ab3cf..ddae3ceeab 100644
--- a/spring-security-openid/src/main/java/org/baeldung/security/OpenIdConnectFilter.java
+++ b/spring-security-openid/src/main/java/org/baeldung/security/OpenIdConnectFilter.java
@@ -1,12 +1,14 @@
 package org.baeldung.security;
 
 import java.io.IOException;
+import java.math.BigInteger;
 import java.util.Map;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.apache.commons.codec.binary.Base64;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
@@ -14,6 +16,7 @@ import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.jwt.Jwt;
 import org.springframework.security.jwt.JwtHelper;
+import org.springframework.security.jwt.crypto.sign.RsaVerifier;
 import org.springframework.security.oauth2.client.OAuth2RestOperations;
 import org.springframework.security.oauth2.client.OAuth2RestTemplate;
 import org.springframework.security.oauth2.common.OAuth2AccessToken;
@@ -42,7 +45,7 @@ public class OpenIdConnectFilter extends AbstractAuthenticationProcessingFilter
         }
         try {
             final String idToken = accessToken.getAdditionalInformation().get("id_token").toString();
-            final Jwt tokenDecoded = JwtHelper.decode(idToken);
+            final Jwt tokenDecoded = JwtHelper.decodeAndVerify(idToken, verifier());
             System.out.println("===== : " + tokenDecoded.getClaims());
 
             final Map<String, String> authInfo = new ObjectMapper().readValue(tokenDecoded.getClaims(), Map.class);
@@ -60,6 +63,15 @@ public class OpenIdConnectFilter extends AbstractAuthenticationProcessingFilter
 
     }
 
+    // details can be found at https://www.googleapis.com/oauth2/v2/certs
+    private RsaVerifier verifier() {
+        byte[] nbytes = Base64.decodeBase64("vmyoDT6ND_YJa1ItdvULuTJr2pw4MvN3Z5kmSiJBm9glVoakcDEBGF4b5crKiPW7WDh2PZ0_yXY9ikDaTux7hxtgUtmm96KjmdBn_FYwv3SlsBRnzZw1oAG-2OdjlFWvlx4rXOhAzZ04ngPb3ELywwtKoO90hCy2DrNOMMSCuSu8zrFLw5oREawPcUFEQReipy_KRFf02VxFbK4Tj2FHVdBPPLW3W1KJD4S-NNwPnoeDrI6zWMv7WWAeSLAT0hX36r5FM9dM2uXTxPRCZzs-nqrUiHxn4duFIGgzuxCVbyigDrnfsmHx-B5tG1m7ts74xwf2P_PJwNNJ8qRihMsS2Q==");
+        byte[] ebytes = Base64.decodeBase64("AQAB");
+        BigInteger n = new BigInteger(1, nbytes);
+        BigInteger e = new BigInteger(1, ebytes);
+        return new RsaVerifier(n, e);
+    }
+
     private static class NoopAuthenticationManager implements AuthenticationManager {
 
         @Override