fix test
diff --git a/app_dart/test/service/firebase_jwt_validator_test.dart b/app_dart/test/service/firebase_jwt_validator_test.dart
index 04868ff..d78403e 100644
--- a/app_dart/test/service/firebase_jwt_validator_test.dart
+++ b/app_dart/test/service/firebase_jwt_validator_test.dart
@@ -267,6 +267,22 @@
 
     test('fails if JWT has a public key in header', () async {
       // HMAC signing
+      final key = JsonWebKey.generate('RS256');
+      final builder = JsonWebSignatureBuilder()
+        ..jsonContent = {'sub': '123'}
+        ..setProtectedHeader('jwk', key.toJson())
+        ..setProtectedHeader('kid', 'some-kid')
+        ..addRecipient(key, algorithm: 'RS256');
+      final jws = builder.build();
+      final jwtString = jws.toCompactSerialization();
+
+      await expectLater(
+        validator.decodeAndVerify(jwtString),
+        jwtException('Public key in JWT not allowed: ${key.toJson()}'),
+      );
+    });
+
+    test('fails if JWT algorithm is not firebase approved', () async {
       final key = JsonWebKey.generate('HS256');
       final builder = JsonWebSignatureBuilder()
         ..jsonContent = {'sub': '123'}
@@ -282,22 +298,6 @@
       );
     });
 
-    test('fails if JWT algorithm is not firebase approved', () async {
-      final key = JsonWebKey.generate('RS257');
-      final builder = JsonWebSignatureBuilder()
-        ..jsonContent = {'sub': '123'}
-        ..setProtectedHeader('jwk', key.toJson())
-        ..setProtectedHeader('kid', 'some-kid')
-        ..addRecipient(key, algorithm: 'RS256');
-      final jws = builder.build();
-      final jwtString = jws.toCompactSerialization();
-
-      await expectLater(
-        validator.decodeAndVerify(jwtString),
-        jwtException('Public key in JWT not allowed: ${key.toJson()}'),
-      );
-    });
-
     test('fails if JWT has jku in header', () async {
       final key = JsonWebKey.generate('RS256');
       final builder = JsonWebSignatureBuilder()