I just tried to authenticate on your site and see the same error that you reported. The 'Forbidden' message usually comes from some sort of firewall or Apache restriction on your server for the URL that is being requested.
The URL looks like:
/index.php?option=com_jfbconnect&task=authenticate.callback&provider=google&state=ae1cba9e5d883b28ae032a6cad8ceb43&code=4/fwAaRopi5JKyckTWVPyb6KYq8Xo5SmuIvCj0P4bJ7zqZ7FJempqqhlfjNBOncKTgr7GoikGayGsmsjtqro8zX6g&scope=https://www.googleapis.com/auth/plus.me%20https://www.googleapis.com/auth/userinfo.profile%20https://www.googleapis.com/auth/userinfo.email
If you have mod_security installed for Apache, or another firewall extension for Joomla, you'll need to check the logs to determine if there is an exception being thrown that's blocking that request for some reason.
If that's not the case, I'd recommend removing switching to the default Joomla .htaccess file (temporarily) on your site to see if that helps.
It's possible that the %20 (a space) in scopes value is throwing the problem, but there are also other extensions that will do certain things if they see a 'state', 'scope', or 'code' parameter, even if the request isn't intended for that extension. If none of the above work, you may want to start disabling system plugins and testing each time to see if one specific system plugin is causing a conflict.
I hope that helps get you going,
Alex