Update OIDC id_token_signing_alg_values_supported for wider algo support

Previously the message verification required RS256 with no other checks
on algo. While technically RS256 MUST be supported, some implementations
have abandoned it's use as insecure and instead require for example
ES256 as a minimum baseline.

This change slightly relaxes the check in a future compatible way while
still making sure an actual alg is specified instead of `none`.

```python
>>> bad = ["none"]
>>> good = ["ES256"]
>>> dodgy = ["none", "RS256"]
>>> empty = []
>>> any(i.lower() != "none" for i in dodgy)
True
>>> any(i.lower() != "none" for i in empty)
False
>>> any(i.lower() != "none" for i in good)
True
>>> any(i.lower() != "none" for i in bad)
False
```

Author: jinnatar

src/idpyoidc/message/oidc/__init__.py

@@ -942,8 +942,14 @@ def verify(self, **kwargs):
                 "token_endpoint_auth_signing_alg_values_supported"
             )
 
-        if "RS256" not in self["id_token_signing_alg_values_supported"]:
-            raise ValueError("RS256 missing from id_token_signing_alg_values_supported")
+        # Check that any alg that is not "none" is supported.
+        # While OpenID Connect Core 1.0 says RS256 MUST be supported,
+        # reality has moved on and more modern alg values may be required.
+        if not any(i.lower() != "none" for i in self["id_token_signing_alg_values_supported"]):
+            raise ValueError(
+                "Secure signing algorithm (for example RS256 or ES256) missing from id_token_signing_alg_values_supported: %s"
+                % self["id_token_signing_alg_values_supported"]
+            )
 
         if not parts.query and not parts.fragment:
             pass