7 files changed, 106 insertions, 15 deletions
diff --git a/model/authorize.go b/model/authorize.go
index 2296e7e22..9fd5afa70 100644
--- a/model/authorize.go
+++ b/model/authorize.go
@@ -62,7 +62,7 @@ func (ad *AuthData) IsValid() *AppError {
 		return NewAppError("AuthData.IsValid", "model.authorize.is_valid.redirect_uri.app_error", nil, "client_id="+ad.ClientId, http.StatusBadRequest)
 	}
 
-	if len(ad.State) > 128 {
+	if len(ad.State) > 1024 {
 		return NewAppError("AuthData.IsValid", "model.authorize.is_valid.state.app_error", nil, "client_id="+ad.ClientId, http.StatusBadRequest)
 	}
 
diff --git a/model/authorize_test.go b/model/authorize_test.go
index 3f43a4fc3..81e059305 100644
--- a/model/authorize_test.go
+++ b/model/authorize_test.go
@@ -115,7 +115,7 @@ func TestAuthIsValid(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	ad.Scope = NewRandomString(129)
+	ad.Scope = NewRandomString(1025)
 	if err := ad.IsValid(); err == nil {
 		t.Fatal("Should have failed invalid Scope")
 	}
diff --git a/model/client4.go b/model/client4.go
index 55179bdf9..4b50aa05f 100644
--- a/model/client4.go
+++ b/model/client4.go
@@ -1733,7 +1733,7 @@ func (c *Client4) RemoveUserFromChannel(channelId, userId string) (bool, *Respon
 
 // CreatePost creates a post based on the provided post struct.
 func (c *Client4) CreatePost(post *Post) (*Post, *Response) {
-	if r, err := c.DoApiPost(c.GetPostsRoute(), post.ToJson()); err != nil {
+	if r, err := c.DoApiPost(c.GetPostsRoute(), post.ToUnsanitizedJson()); err != nil {
 		return nil, BuildErrorResponse(r, err)
 	} else {
 		defer closeBody(r)
@@ -1743,7 +1743,7 @@ func (c *Client4) CreatePost(post *Post) (*Post, *Response) {
 
 // UpdatePost updates a post based on the provided post struct.
 func (c *Client4) UpdatePost(postId string, post *Post) (*Post, *Response) {
-	if r, err := c.DoApiPut(c.GetPostRoute(postId), post.ToJson()); err != nil {
+	if r, err := c.DoApiPut(c.GetPostRoute(postId), post.ToUnsanitizedJson()); err != nil {
 		return nil, BuildErrorResponse(r, err)
 	} else {
 		defer closeBody(r)
diff --git a/model/client4_test.go b/model/client4_test.go
new file mode 100644
index 000000000..f7923fa8f
--- /dev/null
+++ b/model/client4_test.go
@@ -0,0 +1,58 @@
+// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
+// See License.txt for license information.
+
+package model
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+// https://github.com/mattermost/mattermost-server/issues/8205
+func TestClient4CreatePost(t *testing.T) {
+	post := &Post{
+		Props: map[string]interface{}{
+			"attachments": []*SlackAttachment{
+				&SlackAttachment{
+					Actions: []*PostAction{
+						&PostAction{
+							Integration: &PostActionIntegration{
+								Context: map[string]interface{}{
+									"foo": "bar",
+								},
+								URL: "http://foo.com",
+							},
+							Name: "Foo",
+						},
+					},
+				},
+			},
+		},
+	}
+
+	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		attachments := PostFromJson(r.Body).Attachments()
+		assert.Equal(t, []*SlackAttachment{
+			&SlackAttachment{
+				Actions: []*PostAction{
+					&PostAction{
+						Integration: &PostActionIntegration{
+							Context: map[string]interface{}{
+								"foo": "bar",
+							},
+							URL: "http://foo.com",
+						},
+						Name: "Foo",
+					},
+				},
+			},
+		}, attachments)
+	}))
+
+	client := NewAPIv4Client(server.URL)
+	_, resp := client.CreatePost(post)
+	assert.Equal(t, http.StatusOK, resp.StatusCode)
+}
diff --git a/model/license.go b/model/license.go
index f96cba06c..942a18d55 100644
--- a/model/license.go
+++ b/model/license.go
@@ -173,6 +173,25 @@ func (l *License) ToJson() string {
 	return string(b)
 }
 
+// NewTestLicense returns a license that expires in the future and has the given features.
+func NewTestLicense(features ...string) *License {
+	ret := &License{
+		ExpiresAt: GetMillis() + 90*24*60*60*1000,
+		Customer:  &Customer{},
+		Features:  &Features{},
+	}
+	ret.Features.SetDefaults()
+
+	featureMap := map[string]bool{}
+	for _, feature := range features {
+		featureMap[feature] = true
+	}
+	featureJson, _ := json.Marshal(featureMap)
+	json.Unmarshal(featureJson, &ret.Features)
+
+	return ret
+}
+
 func LicenseFromJson(data io.Reader) *License {
 	var o *License
 	json.NewDecoder(data).Decode(&o)
diff --git a/model/post.go b/model/post.go
index 7cf0f1b35..4a774b5d4 100644
--- a/model/post.go
+++ b/model/post.go
@@ -122,12 +122,13 @@ type PostActionIntegrationResponse struct {
 func (o *Post) ToJson() string {
 	copy := *o
 	copy.StripActionIntegrations()
-	b, err := json.Marshal(&copy)
-	if err != nil {
-		return ""
-	} else {
-		return string(b)
-	}
+	b, _ := json.Marshal(&copy)
+	return string(b)
+}
+
+func (o *Post) ToUnsanitizedJson() string {
+	b, _ := json.Marshal(o)
+	return string(b)
 }
 
 func PostFromJson(data io.Reader) *Post {
diff --git a/model/system.go b/model/system.go
index 020c50858..2a636b14f 100644
--- a/model/system.go
+++ b/model/system.go
@@ -6,14 +6,16 @@ package model
 import (
 	"encoding/json"
 	"io"
+	"math/big"
 )
 
 const (
-	SYSTEM_DIAGNOSTIC_ID        = "DiagnosticId"
-	SYSTEM_RAN_UNIT_TESTS       = "RanUnitTests"
-	SYSTEM_LAST_SECURITY_TIME   = "LastSecurityTime"
-	SYSTEM_ACTIVE_LICENSE_ID    = "ActiveLicenseId"
-	SYSTEM_LAST_COMPLIANCE_TIME = "LastComplianceTime"
+	SYSTEM_DIAGNOSTIC_ID          = "DiagnosticId"
+	SYSTEM_RAN_UNIT_TESTS         = "RanUnitTests"
+	SYSTEM_LAST_SECURITY_TIME     = "LastSecurityTime"
+	SYSTEM_ACTIVE_LICENSE_ID      = "ActiveLicenseId"
+	SYSTEM_LAST_COMPLIANCE_TIME   = "LastComplianceTime"
+	SYSTEM_ASYMMETRIC_SIGNING_KEY = "AsymmetricSigningKey"
 )
 
 type System struct {
@@ -31,3 +33,14 @@ func SystemFromJson(data io.Reader) *System {
 	json.NewDecoder(data).Decode(&o)
 	return o
 }
+
+type SystemAsymmetricSigningKey struct {
+	ECDSAKey *SystemECDSAKey `json:"ecdsa_key,omitempty"`
+}
+
+type SystemECDSAKey struct {
+	Curve string   `json:"curve"`
+	X     *big.Int `json:"x"`
+	Y     *big.Int `json:"y"`
+	D     *big.Int `json:"d,omitempty"`
+}