Add a list of allowed_client_ids to EchoApi.get_user_email. (#1992)

The use of an OAuth token issued by accounts.google.com triggers
a special path in Endpoints Framework, which validates if the
client id ('azp' claim of JWT token) is included in allowed_client_ids
list supplied to @endpoints.method decorator.

Without the change, sample client described at [1] receives 401
Unauthorized errors when attempting to access the API.

[1] https://cloud.google.com/endpoints/docs/frameworks/python/javascript-client

Author: tomboc

appengine/standard/endpoints-frameworks-v2/echo/main.py

@@ -92,7 +92,8 @@ def echo_api_key(self, request):
         # Require auth tokens to have the following scopes to access this API.
         scopes=[endpoints.EMAIL_SCOPE],
         # OAuth2 audiences allowed in incoming tokens.
-        audiences=['your-oauth-client-id.com'])
+        audiences=['your-oauth-client-id.com'],
+        allowed_client_ids=['your-oauth-client-id.com'])
     def get_user_email(self, request):
         user = endpoints.get_current_user()
         # If there's no user defined, the request was unauthenticated, so we