def sas_token(uri, options = {})
def sas_token(uri, options = {})
to_sign = [
options[:permissions],
options[:start],
options[:expiry],
CanonicalizedResource.new(uri, account_name, url_safe: false, service_name: :blob),
delegation_key.signed_oid,
delegation_key.signed_tid,
delegation_key.signed_start,
delegation_key.signed_expiry,
delegation_key.signed_service,
delegation_key.signed_version,
nil,
nil,
nil,
options[:ip],
options[:protocol],
SAS::Version,
SAS::Resources::Blob,
nil,
nil,
nil,
options[:content_disposition],
nil,
nil,
options[:content_type],
].join("\n")
query = {
SAS::Fields::Permissions => options[:permissions],
SAS::Fields::Start => options[:start],
SAS::Fields::Expiry => options[:expiry],
SAS::Fields::SignedObjectId => delegation_key.signed_oid,
SAS::Fields::SignedTenantId => delegation_key.signed_tid,
SAS::Fields::SignedKeyStartTime => delegation_key.signed_start,
SAS::Fields::SignedKeyExpiryTime => delegation_key.signed_expiry,
SAS::Fields::SignedKeyService => delegation_key.signed_service,
SAS::Fields::Signedkeyversion => delegation_key.signed_version,
SAS::Fields::SignedIp => options[:ip],
SAS::Fields::SignedProtocol => options[:protocol],
SAS::Fields::Version => SAS::Version,
SAS::Fields::Resource => SAS::Resources::Blob,
SAS::Fields::Disposition => options[:content_disposition],
SAS::Fields::Type => options[:content_type],
SAS::Fields::Signature => sign(to_sign, key: delegation_key.to_s),
}.reject { |_, value| value.nil? }
URI.encode_www_form(**query)
end