[Storage] Support DatalakeGen2 SAS token (#18110)

* [Storage] Support DatalakeGen2 SAS token

* fix CI failure

* fix review comments

Author: blueww

src/Storage/Storage.Management.Test/ScenarioTests/StorageDataPlaneTests.ps1

@@ -846,7 +846,9 @@ function Test-DatalakeGen2
                 -Permission rw-rw--wx `
                 -Owner '$superuser' `
                 -Group '$superuser'
-		$file1 = Get-AzDataLakeGen2Item -Context $storageContext -FileSystem $filesystemName -Path $filePath1
+        $sas = New-AzDataLakeGen2SasToken -FileSystem $filesystemName -Path $filePath1 -Permission rw -Context $storageContext
+        $ctxsas = New-AzStorageContext -StorageAccountName $StorageAccountName -SasToken $sas
+		$file1 = Get-AzDataLakeGen2Item -Context $ctxsas -FileSystem $filesystemName -Path $filePath1
 		Assert-AreEqual $file1.Path $filePath1
         Assert-AreEqual $file1.Permissions.ToSymbolicPermissions() "rw-rw--wx"
         Assert-AreEqual $file1.Properties.ContentType $ContentType

src/Storage/Storage.Management.Test/Storage.Management.Test.csproj

@@ -11,10 +11,10 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Azure.Storage.Blobs" Version="12.11.0" />
-    <PackageReference Include="Azure.Storage.Files.DataLake" Version="12.9.0" />
-    <PackageReference Include="Azure.Storage.Files.Shares" Version="12.9.0" />
-    <PackageReference Include="Azure.Storage.Queues" Version="12.9.0" />
+    <PackageReference Include="Azure.Storage.Blobs" Version="12.12.0" />
+    <PackageReference Include="Azure.Storage.Files.DataLake" Version="12.10.0" />
+    <PackageReference Include="Azure.Storage.Files.Shares" Version="12.10.0" />
+    <PackageReference Include="Azure.Storage.Queues" Version="12.10.0" />
     <PackageReference Include="Microsoft.Azure.Management.Storage" Version="24.0.0" />
   </ItemGroup>
 

src/Storage/Storage.Management/Az.Storage.psd1

@@ -197,7 +197,8 @@ CmdletsToExport = 'Get-AzStorageAccount', 'Get-AzStorageAccountKey',
                'Set-AzStorageBlobImmutabilityPolicy', 
                'Remove-AzStorageBlobImmutabilityPolicy', 
                'Set-AzStorageBlobLegalHold', 
-               'Invoke-AzRmStorageContainerImmutableStorageWithVersioningMigration'
+               'Invoke-AzRmStorageContainerImmutableStorageWithVersioningMigration', 
+               'New-AzDataLakeGen2SasToken'
 
 # Variables to export from this module
 # VariablesToExport = @()

src/Storage/Storage.Management/ChangeLog.md

@@ -18,6 +18,8 @@
         - Additional information about change #1
 -->
 ## Upcoming Release
+* Supported generae Sas token for DataLakeGen2
+    -  `New-AzDataLakeGen2SasToken`
 * Show OAuth token in debug log in debug build only
     -  `New-AzStorageContext`
 

src/Storage/Storage.Management/help/Az.Storage.md

@@ -197,6 +197,9 @@ Move a file or directory to another a file or directory in same Storage account.
 ### [New-AzDataLakeGen2Item](New-AzDataLakeGen2Item.md)
 Create a file or directory in a filesystem.
 
+### [New-AzDataLakeGen2SasToken](New-AzDataLakeGen2SasToken.md)
+Generates a SAS token for an Azure storage blob.
+
 ### [New-AzRmStorageContainer](New-AzRmStorageContainer.md)
 Creates a Storage blob container
 

src/Storage/Storage.Management/help/New-AzDataLakeGen2SasToken.md

@@ -0,0 +1,238 @@
+---
+external help file: Microsoft.Azure.PowerShell.Cmdlets.Storage.dll-Help.xml
+Module Name: Az.Storage
+online version: https://docs.microsoft.com/powershell/module/az.storage/new-azdatalakegen2sastoken
+schema: 2.0.0
+---
+
+# New-AzDataLakeGen2SasToken
+
+## SYNOPSIS
+Generates a SAS token for Azure DatalakeGen2 item.
+
+## SYNTAX
+
+### ReceiveManual (Default)
+```
+New-AzDataLakeGen2SasToken [-FileSystem] <String> [-Path <String>] [-Permission <String>]
+ [-Protocol <SasProtocol>] [-IPAddressOrRange <String>] [-StartTime <DateTimeOffset>]
+ [-ExpiryTime <DateTimeOffset>] [-FullUri] [-Context <IStorageContext>]
+ [-DefaultProfile <IAzureContextContainer>] [<CommonParameters>]
+```
+
+### ItemPipeline
+```
+New-AzDataLakeGen2SasToken -InputObject <AzureDataLakeGen2Item> [-Permission <String>]
+ [-Protocol <SasProtocol>] [-IPAddressOrRange <String>] [-StartTime <DateTimeOffset>]
+ [-ExpiryTime <DateTimeOffset>] [-FullUri] [-Context <IStorageContext>]
+ [-DefaultProfile <IAzureContextContainer>] [<CommonParameters>]
+```
+
+## DESCRIPTION
+The **New-AzDataLakeGen2SasToken** cmdlet generates a Shared Access Signature (SAS) token for an Azure DatalakeGen2 item.
+
+## EXAMPLES
+
+### Example 1: Generate a SAS token with full permission
+```
+New-AzDataLakeGen2SasToken -FileSystem "filesystem1" -Path "dir1/dir2" -Permission racwdlmeop
+```
+
+This example generates a DatalakeGen2 SAS token with full permission.
+
+### Example 2: Generate a SAS token with specific StartTime, ExpireTime, Protocal, IPAddressOrRange, by pipeline a datalakegen2 item
+```
+Get-AzDataLakeGen2Item -FileSystem test -Path "testdir/dir2" | New-AzDataLakeGen2SasToken -Permission rw -Protocol Https -IPAddressOrRange 10.0.0.0-12.10.0.0 -StartTime (Get-Date) -ExpiryTime (Get-Date).AddDays(6)
+```
+
+This example generates a DatalakeGen2 SAS token by pipeline a datalake gen2 item, and with specific StartTime, ExpireTime, Protocal, IPAddressOrRange.
+
+## PARAMETERS
+
+### -Context
+Azure Storage Context Object
+
+```yaml
+Type: Microsoft.Azure.Commands.Common.Authentication.Abstractions.IStorageContext
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: True (ByPropertyName, ByValue)
+Accept wildcard characters: False
+```
+
+### -DefaultProfile
+The credentials, account, tenant, and subscription used for communication with Azure.
+
+```yaml
+Type: Microsoft.Azure.Commands.Common.Authentication.Abstractions.Core.IAzureContextContainer
+Parameter Sets: (All)
+Aliases: AzureRmContext, AzureCredential
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -ExpiryTime
+Expiry Time
+
+```yaml
+Type: System.Nullable`1[System.DateTimeOffset]
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -FileSystem
+FileSystem name
+
+```yaml
+Type: System.String
+Parameter Sets: ReceiveManual
+Aliases:
+
+Required: True
+Position: 0
+Default value: None
+Accept pipeline input: True (ByValue)
+Accept wildcard characters: False
+```
+
+### -FullUri
+Display full uri with sas token
+
+```yaml
+Type: System.Management.Automation.SwitchParameter
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -InputObject
+Azure Datalake Gen2 Item Object to remove.
+
+```yaml
+Type: Microsoft.WindowsAzure.Commands.Common.Storage.ResourceModel.AzureDataLakeGen2Item
+Parameter Sets: ItemPipeline
+Aliases:
+
+Required: True
+Position: Named
+Default value: None
+Accept pipeline input: True (ByValue)
+Accept wildcard characters: False
+```
+
+### -IPAddressOrRange
+IP, or IP range ACL (access control list) that the request would be accepted by Azure Storage.
+
+```yaml
+Type: System.String
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -Path
+The path in the specified FileSystem that should be retrieved.
+Can be a file or directory In the format 'directory/file.txt' or 'directory1/directory2/'.
+Skip set this parameter to get the root directory of the Filesystem.
+
+```yaml
+Type: System.String
+Parameter Sets: ReceiveManual
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: True (ByValue)
+Accept wildcard characters: False
+```
+
+### -Permission
+Permissions for a blob.
+Permissions can be any not-empty subset of "racwdlmeop".
+
+```yaml
+Type: System.String
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -Protocol
+Protocol can be used in the request with this SAS token.
+
+```yaml
+Type: System.Nullable`1[Azure.Storage.Sas.SasProtocol]
+Parameter Sets: (All)
+Aliases:
+Accepted values: None, HttpsAndHttp, Https
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -StartTime
+Start Time
+
+```yaml
+Type: System.Nullable`1[System.DateTimeOffset]
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### CommonParameters
+This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216).
+
+## INPUTS
+
+### System.String
+
+### Microsoft.WindowsAzure.Commands.Common.Storage.ResourceModel.AzureDataLakeGen2Item
+
+### Microsoft.Azure.Commands.Common.Authentication.Abstractions.IStorageContext
+
+## OUTPUTS
+
+### System.String
+
+## NOTES
+
+## RELATED LINKS

src/Storage/Storage/Blob/StorageCloudBlobCmdletBase.cs

@@ -74,6 +74,24 @@ public BlobRequestOptions RequestOptions
             }
         }
 
+        public DataLakeClientOptions DataLakeClientOptions
+        {
+            get
+            {
+                if (dataLakeClientOptions == null)
+                {
+                    dataLakeClientOptions = new DataLakeClientOptions();
+                    dataLakeClientOptions.AddPolicy(new UserAgentPolicy(ApiConstants.UserAgentHeaderValue), HttpPipelinePosition.PerCall);
+                    return dataLakeClientOptions;
+                }
+                else
+                {
+                    return dataLakeClientOptions;
+                }
+            }
+        }
+        private DataLakeClientOptions dataLakeClientOptions = null;
+
         public BlobClientOptions ClientOptions
         {
             get
@@ -664,20 +682,20 @@ internal DataLakeFileSystemClient GetFileSystemClientByName(IStorageBlobManageme
 
             if (localChannel.StorageContext.StorageAccount.Credentials.IsToken) //Oauth
             {
-                fileSystem = new DataLakeFileSystemClient(fileSystemUri, localChannel.StorageContext.Track2OauthToken);
+                fileSystem = new DataLakeFileSystemClient(fileSystemUri, localChannel.StorageContext.Track2OauthToken, this.DataLakeClientOptions);
             }
             else if (localChannel.StorageContext.StorageAccount.Credentials.IsSAS) //SAS
             {
-                fileSystem = new DataLakeFileSystemClient(new Uri (fileSystemUri.ToString() + "?" + Util.GetSASStringWithoutQuestionMark(localChannel.StorageContext.StorageAccount.Credentials.SASToken)));
+                fileSystem = new DataLakeFileSystemClient(new Uri (fileSystemUri.ToString() + "?" + Util.GetSASStringWithoutQuestionMark(localChannel.StorageContext.StorageAccount.Credentials.SASToken)), this.DataLakeClientOptions);
             }
             else if (localChannel.StorageContext.StorageAccount.Credentials.IsSharedKey) //Shared Key
             {
                 fileSystem = new DataLakeFileSystemClient(fileSystemUri,
-                     new StorageSharedKeyCredential(localChannel.StorageContext.StorageAccountName, localChannel.StorageContext.StorageAccount.Credentials.ExportBase64EncodedKey()));
+                     new StorageSharedKeyCredential(localChannel.StorageContext.StorageAccountName, localChannel.StorageContext.StorageAccount.Credentials.ExportBase64EncodedKey()), this.DataLakeClientOptions);
             }
             else //Anonymous
             {
-                fileSystem = new DataLakeFileSystemClient(fileSystemUri);
+                fileSystem = new DataLakeFileSystemClient(fileSystemUri, this.DataLakeClientOptions);
             }
 
             return fileSystem;

src/Storage/Storage/Common/AzureDataLakeGen2Item.cs

@@ -103,6 +103,11 @@ public class AzureDataLakeGen2Item : AzureStorageBase
         [Ps1Xml(Label = "Group", Target = ViewControl.Table, Position = 7, TableColumnWidth = 10)]
         public string Group { get; set; }
 
+        /// <summary>
+        /// The PathItem properties of the item, the property only exist if the item is listout
+        /// </summary>
+        public PathItem ListPathItem { get; set; }
+
         /// <summary>
         /// Azure DataLakeGen2 Item constructor
         /// </summary>
@@ -190,6 +195,7 @@ public AzureDataLakeGen2Item(PathItem item, DataLakeFileSystemClient fileSystem,
         {
             this.Name = item.Name;
             this.Path = item.Name;
+            this.ListPathItem = item;
             this.IsDirectory = item.IsDirectory is null ? false : item.IsDirectory.Value;
             DataLakePathClient pathclient = null;
             if (this.IsDirectory) // Directory