Support adding headers to the request for auth

[derekmurawsky]

Is your feature request related to a problem? Please describe.

In order to provide some level of security for the semi-sensitive api keys used by this library, request restrictions are encouraged by google. As documented here (thanks @matijagrcic), the native ways of doing so are via headers.

Header x-android-package
Label servicecontrol.googleapis.com/android_cert_fingerprint

Header x-android-cert 
Label servicecontrol.googleapis.com/android_package_name

Header x-ios-bundle-identifier
Label servicecontrol.googleapis.com/ios_bundle_id

Describe the solution you'd like

Enable either adding additional request headers to the outbound request generically so that this functionality can be emulated. This seems to be a flexible way to support various request restrictions including by referrer when doing local app development.

OR

Support automatically sending these headers with each request via a toggle of some kind. something like send-native-app-id=true. Much simpler to enable from a user perspective, but also less flexible.

Describe alternatives you've considered

• Leaving the key with no restrictions - App can be decompiled and a denial of service/wallet attack launched using the API key.
• Using a proxy (as suggested here - Just shifts the problem. You would still need to authorize requests to the proxy or you would suffer a denial of service/wallet attack.
• Manually adding work around code as documented here - This is what we're currently going to do, but would prefer the library to natively support this.

Additional context

I would suggest that, as a react-native library, this should support android and IOS native methods of security for APIs like this.

[KrisLau]

@bell-steven