Ok.. we fixed it on the site you sent me. We're still investigating the underlying cause, but it comes down to your server lower-casing the header values being sent back from Google. When we fetch the authentication token that Google responds with, we look for how the token is encoded based on the Content-Type header. On your server, the header is 'content-type' and JFBConnect failed to account for that.. meaning we parsed the token incorrectly.
As noted, it's fixed on the site you gave me credentials for. To fix on other sites, please edit the /components/com_jfbconnect/libraries/authenitcation/oauth2base.php file. Around line 90, you'll see:
if (strpos($response->headers['Content-Type'], 'application/json') !== false)
Simply update that to the lower-case version:
if (strpos($response->headers['content-type'], 'application/json') !== false)
We take all issues very seriously and again, I apologize for not getting to this yesterday. The above should get you going now. We'll investigate how best to ensure this doesn't happen in future releases as well.
Thanks,
Alex