App-only oauth stopped working a year later


I’ve been using code based on Jon Hurlock’s Twitter Application-only Authentication App for over a year with no problem, but recently I’ve begun to get this error, even though I’ve made no changes to any code:

{“errors”:[{“message”:“Invalid or expired token”,“code”:89}]}HTTP/1.1 200 OK

I’m trying to generate a bearer token, the first step. I double-checked my consumer key and secret for the app, but no code changes have been made to the oauth portion in a year and we’ve never had a problem.

Did something change recently? We did have a problem once last year when SSL changed and we had to start using the new cacert.pem bundle, but I’ve tried using the latest and that doesn’t seem to be the problem.

Any help is appreciated, thanks!