core: Refresh authoriser on receiving SOUP_STATUS_FORBIDDEN

Previously the authoriser was only refreshed on receiving a
SOUP_STATUS_UNAUTHORIZED response from the server. This worked fine for
Google Documents, but it seems that PicasaWeb returns FORBIDDEN instead.
The authoriser was not being refreshed, and hence the user was seeing
access denied messages even though they were technically logged in.

https://bugzilla.gnome.org/show_bug.cgi?id=731269