azure-storage 0.10.0.preview

data/lib/azure/storage/core/auth/shared_access_signature_signer.rb

@@ -0,0 +1,49 @@
+#-------------------------------------------------------------------------
+# # Copyright (c) Microsoft and contributors. All rights reserved.
+#
+# The MIT License(MIT)
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files(the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions :
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+#--------------------------------------------------------------------------
+
+require 'azure/storage/core/auth/signer'
+
+module Azure::Storage
+  module Auth
+    class SharedAccessSignatureSigner < Azure::Core::Auth::Signer
+
+      attr :account_name, :sas_token
+
+      # Public: Initialize the Signer with a SharedAccessSignature
+      #
+      # @param account_name [String] The account name. Defaults to the one in the global configuration.
+      # @param sas_token [String]   The sas token to be used for signing
+      def initialize(account_name=Azure::Storage.storage_account_name, sas_token=Azure::Storage.storage_sas_token)
+        @account_name = account_name
+        @sas_token = sas_token
+      end
+
+      def sign_request(req)
+        ori_uri = req.uri
+        URI.parse(ori_uri.to_s + (ori_uri.query.nil? ? '?' : '&') + sas_token.sub(/^\?/,'') + '&api-version=' + Azure::Storage::Default::STG_VERSION)
+      end
+
+    end
+  end
+end

data/lib/azure/storage/core/auth/shared_key.rb

@@ -0,0 +1,125 @@
+#-------------------------------------------------------------------------
+# # Copyright (c) Microsoft and contributors. All rights reserved.
+#
+# The MIT License(MIT)
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files(the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions :
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+#--------------------------------------------------------------------------
+require 'cgi'
+require 'azure/storage/core/auth/signer'
+
+module Azure::Storage
+  module Auth
+    class SharedKey < Azure::Core::Auth::Signer
+      # The Azure account's name.
+      attr :account_name
+
+      # Initialize the Signer.
+      #
+      # @param account_name [String] The account name. Defaults to the one in the
+      #                global configuration.
+      # @param access_key   [String] The access_key encoded in Base64. Defaults to the
+      #                one in the global configuration.
+      def initialize(account_name=Azure::Storage.config.storage_account_name, access_key=Azure::Storage.config.storage_access_key)
+        @account_name = account_name
+        super(access_key)
+      end
+
+      # The name of the strategy.
+      #
+      # @return [String]
+      def name
+        'SharedKey'
+      end
+
+      # Create the signature for the request parameters
+      #
+      # @param method     [Symbol] HTTP request method.
+      # @param uri        [URI] URI of the request we're signing.
+      # @param headers    [Hash] HTTP request headers.
+      #
+      # @return           [String] base64 encoded signature
+      def sign(method, uri, headers)
+        "#{account_name}:#{super(signable_string(method, uri, headers))}"
+      end
+
+      # Sign the request
+      #
+      # @param req    [Azure::Core::Http::HttpRequest] HTTP request to sign
+      #
+      # @return       [Azure::Core::Http::HttpRequest]
+      def sign_request(req)
+        req.headers['Authorization'] = "#{name} #{sign(req.method, req.uri, req.headers)}"
+        req
+      end
+
+      # Generate the string to sign.
+      #
+      # @param method     [Symbol] HTTP request method.
+      # @param uri        [URI] URI of the request we're signing.
+      # @param headers    [Hash] HTTP request headers.
+      #
+      # @return [String]
+      def signable_string(method, uri, headers)
+        [
+          method.to_s.upcase,
+          headers.fetch('Content-Encoding', ''),
+          headers.fetch('Content-Language', ''),
+          headers.fetch('Content-Length', '').sub(/^0+/,''), # from 2015-02-21, if Content-Length == 0, it won't be signed
+          headers.fetch('Content-MD5', ''),
+          headers.fetch('Content-Type', ''),
+          headers.fetch('Date', ''),
+          headers.fetch('If-Modified-Since', ''),
+          headers.fetch('If-Match', ''),
+          headers.fetch('If-None-Match', ''),
+          headers.fetch('If-Unmodified-Since', ''),
+          headers.fetch('Range', ''),
+          canonicalized_headers(headers),
+          canonicalized_resource(uri)
+        ].join("\n")
+      end
+
+      # Calculate the Canonicalized Headers string for a request.
+      #
+      # @param headers    [Hash] HTTP request headers.
+      #
+      # @return [String] a string with the canonicalized headers.
+      def canonicalized_headers(headers)
+        headers = headers.map { |k,v| [k.to_s.downcase, v] }
+        headers.select! { |k,v| k =~ /^x-ms-/ }
+        headers.sort_by! { |(k,v)| k }
+        headers.map! { |k,v| '%s:%s' % [k, v] }
+        headers.map! { |h| h.gsub(/\s+/, ' ') }.join("\n")
+      end
+
+      # Calculate the Canonicalized Resource string for a request.
+      #
+      # @param uri        [URI] URI of the request we're signing.
+      #
+      # @return           [String] a string with the canonicalized resource.
+      def canonicalized_resource(uri)
+        resource = '/' + account_name + (uri.path.empty? ? '/' : uri.path)
+        params = CGI.parse(uri.query.to_s).map { |k,v| [k.downcase, v] }
+        params.sort_by! { |k,v| k }
+        params.map! { |k,v| '%s:%s' % [k, v.map(&:strip).sort.join(',')] }
+        [resource, *params].join("\n")
+      end
+    end
+  end
+end

data/lib/azure/storage/core/auth/shared_key_lite.rb

@@ -0,0 +1,55 @@
+#-------------------------------------------------------------------------
+# # Copyright (c) Microsoft and contributors. All rights reserved.
+#
+# The MIT License(MIT)
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files(the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions :
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+#--------------------------------------------------------------------------
+require "azure/storage/core/auth/shared_key"
+
+module Azure::Storage
+  module Auth
+    class SharedKeyLite < SharedKey
+      # The name of the strategy.
+      #
+      # @return [String]
+      def name
+        'SharedKeyLite'
+      end
+
+      # Generate the string to sign.
+      #
+      # @param method     [Symbol] The HTTP request method.
+      # @param uri        [URI] The URI of the request we're signing.
+      # @param headers    [Hash] A Hash of HTTP request headers.
+      #
+      # Returns a plain text string.
+      def signable_string(method, uri, headers)
+        [
+          method.to_s.upcase,
+          headers.fetch('Content-MD5', ''),
+          headers.fetch('Content-Type', ''),
+          headers.fetch('Date') { raise IndexError, 'Headers must include Date' },
+          canonicalized_headers(headers),
+          canonicalized_resource(uri)
+        ].join("\n")
+      end
+    end
+  end
+end

data/lib/azure/storage/core/auth/signer.rb

@@ -0,0 +1,60 @@
+#-------------------------------------------------------------------------
+# # Copyright (c) Microsoft and contributors. All rights reserved.
+#
+# The MIT License(MIT)
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files(the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions :
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+#--------------------------------------------------------------------------
+require 'openssl'
+require 'base64'
+
+module Azure
+  module Core
+    module Auth
+      # Utility class to sign strings with HMAC-256 and then encode the
+      # signed string using Base64.
+      class Signer
+        # The access key for the account
+        attr :access_key
+
+        # Initialize the Signer.
+        #
+        # @param access_key [String] The access_key encoded in Base64.
+        def initialize(access_key)
+          if access_key.nil?
+            raise ArgumentError, 'Signing key must be provided'
+          end
+
+          @access_key = Base64.strict_decode64(access_key)
+        end
+
+        # Generate an HMAC signature.
+        #
+        # @param body [String] The string to sign.
+        #
+        # @return [String] a Base64 String signed with HMAC.
+        def sign(body)
+          signed = OpenSSL::HMAC.digest('sha256', access_key, body)
+          Base64.strict_encode64(signed)
+        end
+
+      end
+    end
+  end
+end

data/lib/azure/storage/core/autoload.rb

@@ -0,0 +1,35 @@
+#-------------------------------------------------------------------------
+# # Copyright (c) Microsoft and contributors. All rights reserved.
+#
+# The MIT License(MIT)
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files(the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions :
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+#--------------------------------------------------------------------------
+
+module Azure
+  module Core
+    autoload :HttpClient,                     'azure/storage/core/http_client'
+    autoload :Utility,                        'azure/storage/core/utility'
+    autoload :Logger,                         'azure/storage/core/utility'
+    autoload :Error,                          'azure/storage/core/error'
+    autoload :Service,                        'azure/storage/core/service'
+    autoload :FilteredService,                'azure/storage/core/filtered_service'
+    autoload :SignedService,                  'azure/storage/core/signed_service'
+  end
+end

data/lib/azure/storage/core/client_options.rb

@@ -0,0 +1,334 @@
+#-------------------------------------------------------------------------
+# # Copyright (c) Microsoft and contributors. All rights reserved.
+#
+# The MIT License(MIT)
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files(the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions :
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+#--------------------------------------------------------------------------
+
+require 'uri'
+require 'azure/storage/core'
+require 'azure/storage/core/client_options_error'
+
+module Azure::Storage
+  module ClientOptions
+
+    attr_accessor :ca_file
+
+    # Public: Reset options for [Azure::Storage::Client]
+    #
+    # ==== Attributes
+    #
+    # * +options+    - Hash. Optional parameters.
+    #
+    # ==== Options
+    #
+    # Accepted key/value pairs in options parameter are:
+    #
+    # * +:use_development_storage+        - TrueClass. Whether to use storage emulator.
+    # * +:development_storage_proxy_uri+  - String. Used with +:use_development_storage+ if emulator is hosted other than localhost.
+    # * +:storage_account_name+           - String. The name of the storage account.
+    # * +:storage_access_key+             - Base64 String. The access key of the storage account.
+    # * +:storage_sas_token+              - String. The signed access signiture for the storage account or one of its service.
+    # * +:storage_blob_host+              - String. Specified Blob serivce endpoint or hostname
+    # * +:storage_table_host+             - String. Specified Table serivce endpoint or hostname
+    # * +:storage_queue_host+             - String. Specified Queue serivce endpoint or hostname
+    # * +:storage_dns_suffix+             - String. The suffix of a regional Storage Serivce, to
+    # * +:default_endpoints_protocol+     - String. http or https
+    # * +:use_path_style_uri+             - String. Whether use path style URI for specified endpoints
+    # * +:ca_file+                        - String. File path of the CA file if having issue with SSL
+    #
+    # The valid set of options inlcude:
+    # * Storage Emulator: +:use_development_storage+ required, +:development_storage_proxy_uri+ optionally
+    # * Storage account name and key: +:storage_account_name+ and +:storage_access_key+ required, set +:storage_dns_suffix+ necessarily
+    # * Storage account name and SAS token: +:storage_account_name+ and +:storage_sas_token+ required, set +:storage_dns_suffix+ necessarily
+    # * Specified hosts and SAS token: At least one of the service host and SAS token. It's up to user to ensure the SAS token is suitable for the serivce
+    # * Anonymous Blob: only +:storage_blob_host+, if it is to only access blobs within a container
+    #
+    # Additional notes:
+    # * Specified hosts can be set when use account name with access key or sas token
+    # * +:default_endpoints_protocol+ can be set if the scheme is not specified in hosts
+    # * Storage emulator always use path style URI
+    #
+    # When empty options are given, it will try to read settings from Environment Variables. Refer to [Azure::Storage::ClientOptions.env_vars_mapping] for the mapping relationship
+    #
+    # @return [Azure::Storage::Client]
+    def reset!(options = {})
+      if options.is_a? String
+        options = parse_connection_string(options)
+      end
+      
+      options = load_env if options.length == 0
+      @ca_file = options.delete(:ca_file)
+      @options = filter(options)
+      self.send(:reset_config!, @options) if self.respond_to?(:reset_config!)
+      self
+    end
+
+    # The options after validated and normalized
+    #
+    # @return [Hash]
+    def options
+      @options ||= {}
+    end
+
+    # The valid options for the storage client
+    #
+    # @return [Array]
+    def self.valid_options
+      @valid_options ||= [
+        :use_development_storage,
+        :development_storage_proxy_uri,
+        :storage_account_name,
+        :storage_access_key,
+        :storage_connection_string,
+        :storage_sas_token,
+        :storage_blob_host,
+        :storage_table_host,
+        :storage_queue_host,
+        :storage_file_host,
+        :storage_dns_suffix,
+        :default_endpoints_protocol,
+        :use_path_style_uri
+      ]
+    end
+
+    # The mapping between Storage Environment Variables and the options name
+    #
+    # @return [Hash]
+    def self.env_vars_mapping
+      @env_vars_mapping ||= {
+        'EMULATED' => :use_development_storage,
+        'AZURE_STORAGE_ACCOUNT' => :storage_account_name,
+        'AZURE_STORAGE_ACCESS_KEY' => :storage_access_key,
+        'AZURE_STORAGE_CONNECTION_STRING' => :storage_connection_string,
+        'AZURE_STORAGE_BLOB_HOST' => :storage_blob_host,
+        'AZURE_STORAGE_TABLE_HOST' => :storage_table_host,
+        'AZURE_STORAGE_QUEUE_HOST' => :storage_queue_host,
+        'AZURE_STORAGE_FILE_HOST' => :storage_file_host,
+        'AZURE_STORAGE_SAS_TOKEN' => :storage_sas_token,
+        'AZURE_STORAGE_DNS_SUFFIX' => :storage_dns_suffix
+      }
+    end
+
+    # The mapping between Storage Connection String items and the options name
+    #
+    # @return [Hash]
+    def self.connection_string_mapping
+      @connection_string_mapping ||= {
+        'UseDevelopmentStorage' => :use_development_storage,
+        'DevelopmentStorageProxyUri' => :development_storage_proxy_uri,
+        'DefaultEndpointsProtocol' => :default_endpoints_protocol,
+        'AccountName' => :storage_account_name,
+        'AccountKey' => :storage_access_key,
+        'BlobEndpoint' => :storage_blob_host,
+        'TableEndpoint' => :storage_table_host,
+        'QueueEndpoint' => :storage_queue_host,
+        'FileEndpoint' => :storage_file_host,
+        'SharedAccessSignature' => :storage_sas_token,
+        'EndpointSuffix' => :storage_dns_suffix
+      }
+    end
+
+    private
+
+    # Check if this client is configured with the same options
+    def same_options?(opts)
+      opts.hash == input.hash
+    end
+
+    def method_missing(method_name)
+      return super unless options.key? method_name
+      options[method_name]
+    end
+
+    def filter(opts={})
+      results = {}
+
+      # P1 - develpoment storage
+      begin
+        results = validated_options(opts,
+                                    :required => [:use_development_storage],
+                                    :optional => [:development_storage_proxy_uri])
+        results[:use_development_storage] = true
+        proxy_uri = results[:development_storage_proxy_uri] ||= StorageServiceClientConstants::DEV_STORE_URI
+        results.merge!({:storage_account_name => StorageServiceClientConstants::DEVSTORE_STORAGE_ACCOUNT,
+                        :storage_access_key => StorageServiceClientConstants::DEVSTORE_STORAGE_ACCESS_KEY,
+                        :storage_blob_host => "#{proxy_uri}:#{StorageServiceClientConstants::DEVSTORE_BLOB_HOST_PORT}",
+                        :storage_table_host => "#{proxy_uri}:#{StorageServiceClientConstants::DEVSTORE_TABLE_HOST_PORT}",
+                        :storage_queue_host => "#{proxy_uri}:#{StorageServiceClientConstants::DEVSTORE_QUEUE_HOST_PORT}",
+                        :storage_file_host => "#{proxy_uri}:#{StorageServiceClientConstants::DEVSTORE_FILE_HOST_PORT}",
+                        :use_path_style_uri => true})
+        return results
+      rescue InvalidOptionsError => e
+      end
+      
+      # P2 - explicit hosts with account connection string
+      begin
+        results = validated_options(opts,
+                                    :required => [:storage_connection_string],
+                                    :optional => [:use_path_style_uri])
+        results[:use_path_style_uri] = results.key?(:use_path_style_uri)
+        normalize_hosts(results)
+        return results
+      rescue InvalidOptionsError => e
+      end
+
+      # P3 - account name and key or sas with default hosts or an end suffix
+      begin
+        results = validated_options(opts,
+                                    :required => [:storage_account_name],
+                                    :only_one => [:storage_access_key, :storage_sas_token],
+                                    :optional => [:default_endpoints_protocol, :storage_dns_suffix])
+        protocol = results[:default_endpoints_protocol] ||= StorageServiceClientConstants::DEFAULT_PROTOCOL
+        suffix = results[:storage_dns_suffix] ||= StorageServiceClientConstants::DEFAULT_ENDPOINT_SUFFIX
+        account = results[:storage_account_name]
+        results.merge!({:storage_blob_host => "#{protocol}://#{account}.#{ServiceType::BLOB}.#{suffix}",
+                        :storage_table_host => "#{protocol}://#{account}.#{ServiceType::TABLE}.#{suffix}",
+                        :storage_queue_host => "#{protocol}://#{account}.#{ServiceType::QUEUE}.#{suffix}",
+                        :storage_file_host => "#{protocol}://#{account}.#{ServiceType::FILE}.#{suffix}",
+                        :use_path_style_uri => false})
+        return results
+      rescue InvalidOptionsError => e
+      end
+
+      # P4 - explicit hosts with account name and key
+      begin
+        results = validated_options(opts,
+                                    :required => [:storage_account_name, :storage_access_key],
+                                    :at_least_one => [:storage_blob_host, :storage_table_host, :storage_file_host, :storage_queue_host],
+                                    :optional => [:use_path_style_uri, :default_endpoints_protocol])
+        results[:use_path_style_uri] = results.key?(:use_path_style_uri)
+        normalize_hosts(results)
+        return results
+      rescue InvalidOptionsError => e
+      end
+
+      # P5 - anonymous or sas only for one or more particular services, options with account name/key + hosts should be already validated in P4
+      begin
+        results = validated_options(opts,
+                                    :at_least_one => [:storage_blob_host, :storage_table_host, :storage_file_host, :storage_queue_host],
+                                    :optional => [:use_path_style_uri, :default_endpoints_protocol, :storage_sas_token])
+        results[:use_path_style_uri] = results.key?(:use_path_style_uri)
+        normalize_hosts(results)
+        return results
+      rescue InvalidOptionsError => e
+      end
+
+      raise InvalidOptionsError,"options provided are not valid set: #{options}" # wrong opts if move to this line
+    end
+
+    def normalize_hosts(options)
+      if options[:default_endpoints_protocol]
+        [:storage_blob_host, :storage_table_host, :storage_file_host, :storage_queue_host].each do |k|
+          if options[k]
+            raise InvalidOptionsError,'Explict host cannot contain scheme if default_endpoints_protocol is set.' if options[k] =~ /^https?/
+            options[k] = "#{options[:default_endpoints_protocol]}://#{options[k]}"
+          end
+        end
+      end
+    end
+
+    def is_base64_encoded
+      Proc.new do |i|
+        i.is_a?(String) && i =~ /^(?:[A-Za-z0-9+\/]{4})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=|[A-Za-z0-9+\/]{4})$/
+      end
+    end
+
+    def is_url
+      Proc.new do |i|
+        i = 'http://'+i unless i =~ /\Ahttps?:\/\//
+        i =~ URI.regexp(['http', 'https'])
+      end
+    end
+
+    def is_true
+      Proc.new { |i| i == true || (i.is_a?(String) && i.downcase == 'true') }
+    end
+
+    def is_non_empty_string
+      Proc.new { |i| i && i.is_a?(String) && i.strip.length }
+    end
+
+    def validated_options(opts, requirements = {})
+      raise InvalidOptionsError,'nil is not allowed for option\'s value' if opts.values.any? { |v| v == nil }
+      required = requirements[:required] || []
+      at_least_one = requirements[:at_least_one] || []
+      only_one = requirements[:only_one] || []
+      optional = requirements[:optional] || []
+
+      raise InvalidOptionsError,"Not all required keys are provided: #{required}" if required.any? { |k| !opts.key? k}
+      raise InvalidOptionsError,"Only one of #{only_one} is required" unless only_one.length == 0 || only_one.count { |k| opts.key? k} == 1
+      raise InvalidOptionsError,"At least one of #{at_least_one} is required" unless at_least_one.length == 0 || at_least_one.any? { |k| opts.key? k}
+
+      @@option_validators ||= {
+        :use_development_storage => is_true,
+        :development_storage_proxy_uri => is_url,
+        :storage_account_name => lambda { |i| i.is_a?(String) },
+        :storage_access_key => is_base64_encoded,
+        :storage_sas_token => lambda { |i| i.is_a?(String) },
+        :storage_blob_host => is_url,
+        :storage_table_host => is_url,
+        :storage_queue_host => is_url,
+        :storage_file_host => is_url,
+        :storage_dns_suffix => is_url,
+        :default_endpoints_protocol => lambda { |i| ['http', 'https'].include? i.downcase },
+        :use_path_style_uri => is_true
+      }
+
+      valid_options = required + at_least_one + only_one + optional
+      results = {}
+      opts.each do |k,v|
+        raise InvalidOptionsError,"#{k} is not included in valid options" unless valid_options.length == 0 || valid_options.include?(k)
+        unless @@option_validators.key?(k) && @@option_validators[k].call(v)
+          raise InvalidOptionsError,"#{k} is invalid"
+        end
+        results[k] = v
+      end
+      results
+    end
+
+    def load_env
+      cs = ENV['AZURE_STORAGE_CONNECTION_STRING']
+      return parse_connection_string(cs) if cs
+
+      opts = {}
+      ClientOptions.env_vars_mapping.each { |k,v| opts[v] = ENV[k] if ENV[k] }
+      opts
+    end
+
+    def parse_connection_string(connection_string)
+      opts = {}
+      cs_items = connection_string.split(';').each do |i|
+        e = i.index('=')
+        raise InvalidConnectionStringError,SR::INVALID_CONNECTION_STRING if e < 0 || e == i.length - 1
+        key,value = i[0..e-1],i[e+1..i.length-1]
+        raise InvalidConnectionStringError, SR::INVALID_CONNECTION_STRING_BAD_KEY % key unless ClientOptions.connection_string_mapping.key? key
+        raise InvalidConnectionStringError, SR::INVALID_CONNECTION_STRING_EMPTY_KEY % key if value.length == 0
+        raise InvalidConnectionStringError, SR::INVALID_CONNECTION_STRING_DUPLICATE_KEY % key if opts.key? key
+        opts[ClientOptions.connection_string_mapping[key]] = value
+      end
+      raise InvalidConnectionStringError,SR::INVALID_CONNECTION_STRING if opts.length == 0
+
+      opts
+    end
+
+  end
+
+end