I just solved this.
The id_token is enough to identify the User. When the android app sends a request with the id_token in it the server can ask google for its identity.
In google-api-php-client this works with:
$id_token = $_GET['id_token'];
$client = new Google_Client();
$attr = $client->verifyIdToken($id_token)->getAttributes();
echo $attr['payload']['sub'];
I found this in Google API Docs (there's also a "Recommended flow"-description) and with help of one of the mentioned link in the question.