First of all thank you very much for having me on the webinar, it was fun 
The first place to look would be the httr vignette "Best practices for API packages" which has lots of examples including those using OAuth2. For googleAuthR packages the function factory used by all of them all starts with the gar_api_generator() which adds looking for tokens in Shiny environments, batching and caching. The most modern take is gargle by Jenny Bryan which is under development now.
Covered in the webinar, but my first reaction is that you want to surface errors as quickly as possible, so would want them to be live even in production. If you want to mask transitory errors though then you can use tryCatch() or the equivalent to return a NULL response upon error, which will invalidate the shiny::reactive() object the API call should be wrapped in, so as you can then use shiny::req() or shiny::validate() to create custom error messages.
I've never done similar so can't speak from experience, perhaps RStudio Connect has someway you can do this, if not then my first approach would be to use Google Cloud Endpoints which gives you a API proxy to add API keys, caching and authentication, a demo of which I have here that uses Google App Engine Flexible and plumber.
I'm so embarrassed at my pronunciation of memoise on the webinar. 
If we're talking packages for API packages in particular, my R package stack always includes:
httr- the godfather of R APIsjsonlite- turning R inputs into JSON and back againpkgdown- documentationmemoise- caching responsesassertthat- defensive programming and checking of inputs
Then depending on how hard it is to parse the response, and how user friendly you want to make the final output you could choose to add some packages to parse the responses such as purrr or dplyr
For my first package searchConsoleR I read Hadley Wickham's R package book cover to cover, adding the elements to the package as I went.
After that I used the Google Discovery API service integration of googleAuthR via the gar_create_package() function to generate the functions and objects, then added functions to parse those into user-friendly functions, and add lots of documentation. But I don't make any packages at the moment as its enough time maintaining the existing ones.
The documentation on the Shiny website I still reference a lot and think are excellent.
I have a post on this forum about my approach to Shiny development that may be helpful.
Other than that I'd say having a good iterative workflow to keep testing each change you do, making sure to not do too much with each reactive object, and get the server side working well first with a basic UI first before making it look pretty.
The Slack channel #googleAuthRverse has a signup form here - that and any GitHub issues/pull requests are highly appreciated!