Google Rest API 401 Error Handling

Start

From last Friday, I'm struggling with a 401 error of google API in my spare time. It happens in an existing iOS project which uses Google Rest API with the error like:

{
  "error" : {
    "code" : 401,
    "message" : "Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https:\/\/developers.google.com\/identity\/sign-in\/web\/devconsole-project.",
    "errors" : [
      {
        "message" : "Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https:\/\/developers.google.com\/identity\/sign-in\/web\/devconsole-project.",
        "reason" : "unauthorized",
        "domain" : "global"
      }
    ],
    "status" : "UNAUTHENTICATED"
  }
}

It looks like something with authentication is wrong. I looked into the link and found nothing useful.
Since it worked previously and intergtated with google sign in, I thought it may be due to token expiration or so. I checked the API, and found there was the interface to refresh. I tried, but it still failed. Later I found that the token was valid in delegate of Google signin.

trouble shooting

First of all, I ran pod update to update libraries and I noticed the Google sign had updated to 5.0.0, which made me to change the existing code. However, the issue still existed. I wanted to see change logs of 5.0.0, but it made me strange that I couldn't find anything. In this situation, it made me to debug the google SDK to check whether the google SDK had problems.
After a long process and thanks to GTMSessionFetcher, I believed the SDK should be OK. Then I have to check the document and follow the How to.
From the 'Requirement' part, I checked my project whether it is a standard GCP project. I recreated a GCP project, recreate iOS credentials and updated related parameters in my client code. It still did not work, either.
Because it successfully returns result in google sign in, I thought the scope was correct. I continued to check other parts like project settings, script ID and function name, and so on. Finally, I raised a bug in the group, but there was no feedback for 2 days!
OMG~ I need to fix this issue, but it seems that I follow the every step and everything seems correct. Suddenly I noticed the 'scope' again, and found that the scope in the client missed one item from the project property: https://www.googleapis.com/auth/script.send_mail. I remembered that this item was missed in google SDK and I just let it go. Then I tried to add the item manually in the scope, and it works again!!

lessons leraned

It is very necessary to take a note in the process of intergrating any third-party SDK. If there is something abnormal, you need to write it down.
Besides, I want to say the response is not so friendly in this case. If it says something like "you don't have authorization to do this", that will be better.