diff --git a/lib/vapi-client-bindings/index.html b/lib/vapi-client-bindings/index.html
index e16a4a5a..ec8b5210 100644
--- a/lib/vapi-client-bindings/index.html
+++ b/lib/vapi-client-bindings/index.html
@@ -1 +1 @@
-vapi_client_bindings-1.5.0-py2.py3-none-any.whl
+vapi_client_bindings-3.0.0-py2.py3-none-any.whl
\ No newline at end of file
diff --git a/lib/vapi-client-bindings/vapi_client_bindings-1.5.0-py2.py3-none-any.whl b/lib/vapi-client-bindings/vapi_client_bindings-1.5.0-py2.py3-none-any.whl
deleted file mode 100644
index 09491623..00000000
Binary files a/lib/vapi-client-bindings/vapi_client_bindings-1.5.0-py2.py3-none-any.whl and /dev/null differ
diff --git a/lib/vapi-client-bindings/vapi_client_bindings-3.0.0-py2.py3-none-any.whl b/lib/vapi-client-bindings/vapi_client_bindings-3.0.0-py2.py3-none-any.whl
new file mode 100644
index 00000000..3458a39a
Binary files /dev/null and b/lib/vapi-client-bindings/vapi_client_bindings-3.0.0-py2.py3-none-any.whl differ
diff --git a/lib/vapi-common-client/index.html b/lib/vapi-common-client/index.html
index b4fe9cee..b00116a3 100644
--- a/lib/vapi-common-client/index.html
+++ b/lib/vapi-common-client/index.html
@@ -1 +1 @@
-vapi_common_client-2.10.2-py2.py3-none-any.whl
+vapi_common_client-2.12.0-py2.py3-none-any.whl
\ No newline at end of file
diff --git a/lib/vapi-common-client/vapi_common_client-2.10.2-py2.py3-none-any.whl b/lib/vapi-common-client/vapi_common_client-2.10.2-py2.py3-none-any.whl
deleted file mode 100644
index 07089c52..00000000
Binary files a/lib/vapi-common-client/vapi_common_client-2.10.2-py2.py3-none-any.whl and /dev/null differ
diff --git a/lib/vapi-common-client/vapi_common_client-2.12.0-py2.py3-none-any.whl b/lib/vapi-common-client/vapi_common_client-2.12.0-py2.py3-none-any.whl
new file mode 100644
index 00000000..481b9bc6
Binary files /dev/null and b/lib/vapi-common-client/vapi_common_client-2.12.0-py2.py3-none-any.whl differ
diff --git a/lib/vapi-runtime/index.html b/lib/vapi-runtime/index.html
index aa372894..e4c93f67 100644
--- a/lib/vapi-runtime/index.html
+++ b/lib/vapi-runtime/index.html
@@ -1 +1 @@
-vapi_runtime-2.10.2-py2.py3-none-any.whl
+vapi_runtime-2.12.0-py2.py3-none-any.whl
\ No newline at end of file
diff --git a/lib/vapi-runtime/vapi_runtime-2.10.2-py2.py3-none-any.whl b/lib/vapi-runtime/vapi_runtime-2.10.2-py2.py3-none-any.whl
deleted file mode 100644
index 05c14808..00000000
Binary files a/lib/vapi-runtime/vapi_runtime-2.10.2-py2.py3-none-any.whl and /dev/null differ
diff --git a/lib/vapi-runtime/vapi_runtime-2.12.0-py2.py3-none-any.whl b/lib/vapi-runtime/vapi_runtime-2.12.0-py2.py3-none-any.whl
new file mode 100644
index 00000000..4568d3ae
Binary files /dev/null and b/lib/vapi-runtime/vapi_runtime-2.12.0-py2.py3-none-any.whl differ
diff --git a/lib/vmc-client-bindings/vmc_client_bindings-1.3.1-py2.py3-none-any.whl b/lib/vmc-client-bindings/vmc_client_bindings-1.3.1-py2.py3-none-any.whl
index d49e0b2b..9cf4f6ad 100644
Binary files a/lib/vmc-client-bindings/vmc_client_bindings-1.3.1-py2.py3-none-any.whl and b/lib/vmc-client-bindings/vmc_client_bindings-1.3.1-py2.py3-none-any.whl differ
diff --git a/requirements.txt b/requirements.txt
index 6da8be7a..ae39fe0a 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -2,7 +2,7 @@ lxml >= 4.3.0
pyVmomi >= 6.7
suds ; python_version < '3'
suds-jurko ; python_version >= '3.0'
-vapi-client-bindings == 1.5.0
+vapi-client-bindings == 3.0.0
vmc-client-bindings
nsx-python-sdk
nsx-policy-python-sdk
diff --git a/samples/vsphere/oauth/__init__.py b/samples/vsphere/oauth/__init__.py
new file mode 100644
index 00000000..240699dd
--- /dev/null
+++ b/samples/vsphere/oauth/__init__.py
@@ -0,0 +1,25 @@
+"""
+* *******************************************************
+* Copyright VMware, Inc. 2019. All Rights Reserved.
+* SPDX-License-Identifier: MIT
+* *******************************************************
+*
+* DISCLAIMER. THIS PROGRAM IS PROVIDED TO YOU "AS IS" WITHOUT
+* WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER ORAL OR WRITTEN,
+* EXPRESS OR IMPLIED. THE AUTHOR SPECIFICALLY DISCLAIMS ANY IMPLIED
+* WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY,
+* NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE.
+"""
+
+__author__ = 'VMware, Inc.'
+
+# Required to distribute different parts of this
+# package as multiple distribution
+try:
+ import pkg_resources
+
+ pkg_resources.declare_namespace(__name__)
+except ImportError:
+ from pkgutil import extend_path
+
+ __path__ = extend_path(__path__, __name__) # @ReservedAssignment
diff --git a/samples/vsphere/oauth/exchange_access_id_token_for_saml.py b/samples/vsphere/oauth/exchange_access_id_token_for_saml.py
new file mode 100644
index 00000000..0abd2a78
--- /dev/null
+++ b/samples/vsphere/oauth/exchange_access_id_token_for_saml.py
@@ -0,0 +1,98 @@
+"""
+* *******************************************************
+* Copyright VMware, Inc. 2019. All Rights Reserved.
+* SPDX-License-Identifier: MIT
+* *******************************************************
+*
+* DISCLAIMER. THIS PROGRAM IS PROVIDED TO YOU "AS IS" WITHOUT
+* WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER ORAL OR WRITTEN,
+* EXPRESS OR IMPLIED. THE AUTHOR SPECIFICALLY DISCLAIMS ANY IMPLIED
+* WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY,
+* NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE.
+"""
+
+__author__ = 'VMware, Inc.'
+__vcenter_version__ = '6.8.7+'
+
+import argparse
+import base64
+import requests
+from com.vmware.vcenter.tokenservice_client import TokenExchange
+from lxml import etree
+from vmware.vapi.lib.connect import get_requests_connector
+from vmware.vapi.security.oauth import create_oauth_security_context
+from vmware.vapi.stdlib.client.factories import StubConfigurationFactory
+from vmware.vapi.vsphere.client import create_vsphere_client
+
+from samples.vsphere.common.ssl_helper import get_unverified_session
+
+'''
+This sample demonstrates obtaining saml token from access(subject) and id(actor) tokens
+The SAML token is then used to connect to VCenter and list all the VM Details
+
+Pre-requisites:
+- a VCenter
+- access/subject token
+- id/actor token
+
+To run the sample,
+$ python exchange_access_id_token_for_saml_token.py --vc --subject_token --actor_token --skipverification
+'''
+
+HTTP_ENDPOINT = "https://{}/api"
+UTF8 = 'utf-8'
+
+parser = argparse.ArgumentParser(description='arguments for obtaining SAML token from access(subject) and id(actor) tokens')
+
+parser.add_argument('--vc', dest='vcenter_server',
+ help='VCenter hostname or IP')
+parser.add_argument('--subject_token', dest='subject_token',
+ help='Subject/Access token')
+parser.add_argument('--actor_token', dest='actor_token',
+ help='Actor/ID token')
+parser.add_argument('--skipverification',
+ action='store_true',
+ help='Skip Server Certificate Verification')
+
+args = parser.parse_args()
+
+session = requests.session()
+if args.skipverification:
+ session = get_unverified_session()
+
+stub_config = StubConfigurationFactory.new_std_configuration(
+ get_requests_connector(
+ session=session,
+ url=HTTP_ENDPOINT.format(args.vcenter_server)
+ )
+ )
+
+# create oauth security context for authentication
+oauth_security_context = create_oauth_security_context(args.subject_token)
+stub_config.connector.set_security_context(oauth_security_context)
+
+token_exchange = TokenExchange(stub_config)
+exchange_spec = token_exchange.ExchangeSpec(
+ grant_type=token_exchange.TOKEN_EXCHANGE_GRANT,
+ subject_token_type=token_exchange.ACCESS_TOKEN_TYPE,
+ actor_token_type=token_exchange.ID_TOKEN_TYPE,
+ requested_token_type=token_exchange.SAML2_TOKEN_TYPE,
+ actor_token=args.actor_token, subject_token=args.subject_token)
+response = token_exchange.exchange(exchange_spec)
+saml_token = response.access_token
+
+# convert saml token to saml assertion
+samlAssertion = etree.tostring(
+ etree.XML(base64.decodebytes(
+ bytes(saml_token, UTF8)
+ ))
+).decode(UTF8)
+
+# create vsphere client to connect to VC and list VM Details
+client = create_vsphere_client(server=args.vcenter_server, bearer_token=samlAssertion, session=session)
+vms = client.vcenter.VM.list()
+
+print("VM List\n", "-" * 50)
+for vm in vms:
+ print(vm.name)
+print("-" * 50)
diff --git a/samples/vsphere/oauth/list_external_identity_providers.py b/samples/vsphere/oauth/list_external_identity_providers.py
new file mode 100644
index 00000000..0c2eea5b
--- /dev/null
+++ b/samples/vsphere/oauth/list_external_identity_providers.py
@@ -0,0 +1,62 @@
+"""
+* *******************************************************
+* Copyright VMware, Inc. 2019. All Rights Reserved.
+* SPDX-License-Identifier: MIT
+* *******************************************************
+*
+* DISCLAIMER. THIS PROGRAM IS PROVIDED TO YOU "AS IS" WITHOUT
+* WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER ORAL OR WRITTEN,
+* EXPRESS OR IMPLIED. THE AUTHOR SPECIFICALLY DISCLAIMS ANY IMPLIED
+* WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY,
+* NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE.
+"""
+
+__author__ = 'VMware, Inc.'
+__vcenter_version__ = '6.8.7+'
+
+import argparse
+import requests
+from com.vmware.vcenter.identity_client import Providers
+from vmware.vapi.stdlib.client.factories import StubConfigurationFactory
+from samples.vsphere.common.ssl_helper import get_unverified_session
+from vmware.vapi.lib.connect import get_requests_connector
+
+'''
+This sample lists all the external Identity Providers for the given VCenter
+
+Pre-requisites:
+- a VCenter
+
+To run the sample,
+$ python list_external_identity_providers.py --vc --skipverification
+'''
+
+HTTP_ENDPOINT = "https://{}/api"
+
+parser = argparse.ArgumentParser(description='arguments for listing external Identity Providers')
+
+parser.add_argument('--vc', dest='vcenter_server',
+ help='VCenter hostname or IP')
+parser.add_argument('--skipverification',
+ action='store_true',
+ help='Skip Server Certificate Verification')
+
+args = parser.parse_args()
+
+session = requests.session()
+if args.skipverification:
+ session = get_unverified_session()
+
+stub_config = StubConfigurationFactory.new_std_configuration(get_requests_connector(session=session, url=HTTP_ENDPOINT.format(args.vcenter_server)))
+
+# use the identity client to list the providers
+id_client = Providers(stub_config)
+providers = id_client.list()
+print("Total providers: {}\n".format(len(providers)))
+print("-" * 100)
+
+# print summary of the providers
+for p in providers:
+ print("Auth Endpoint: {}\n".format(p.oauth2.auth_endpoint))
+ print("Token Endpoint: {}\n".format(p.oauth2.token_endpoint))
+ print("-" * 100)
diff --git a/samples/vsphere/vcenter/converge/converge_sample.py b/samples/vsphere/vcenter/converge/converge_sample.py
new file mode 100644
index 00000000..6f4c6548
--- /dev/null
+++ b/samples/vsphere/vcenter/converge/converge_sample.py
@@ -0,0 +1,106 @@
+#!/usr/bin/env python
+"""
+* *******************************************************
+* Copyright (c) VMware, Inc. 2019. All Rights Reserved.
+* SPDX-License-Identifier: MIT
+* *******************************************************
+*
+* DISCLAIMER. THIS PROGRAM IS PROVIDED TO YOU "AS IS" WITHOUT
+* WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER ORAL OR WRITTEN,
+* EXPRESS OR IMPLIED. THE AUTHOR SPECIFICALLY DISCLAIMS ANY IMPLIED
+* WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY,
+* NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE.
+"""
+
+__author__ = 'VMware, Inc.'
+
+import os
+import requests
+
+from com.vmware.vcenter.system_config_client import DeploymentType
+
+from samples.vsphere.common import sample_cli, sample_util
+from samples.vsphere.common.ssl_helper import get_unverified_session
+
+from vmware.vapi.core import ApplicationContext
+from vmware.vapi.lib.constants import SHOW_UNRELEASED_APIS
+from vmware.vapi.lib.connect import get_connector, get_requests_connector
+from vmware.vapi.stdlib.client.factories import StubConfigurationFactory
+from vmware.vapi.security.client.security_context_filter import \
+ LegacySecurityContextFilter, ApiProviderFilter
+from vmware.vapi.security.user_password import \
+ create_user_password_security_context
+
+
+class SampleConverge(object):
+ """
+ Sample demonstrating vCenter External to Embedded Convergence operation
+ Sample Prerequisites:
+ vCenter on linux platform with external Platform Services Controller
+ """
+ def __init__(self):
+ parser = sample_cli.build_arg_parser()
+ parser.add_argument(
+ '-a', '--sso_admin_username', action='store', required=True,
+ default='Sample_PSC_username',
+ help='Platform Services Controller admin username')
+ parser.add_argument(
+ '-w', '--sso_admin_password', action='store', required=True,
+ default='Sample_PSC_Admin_Password',
+ help='Platform Services Controller admin password')
+
+ args = sample_util.process_cli_args(parser.parse_args())
+ self.username = args.username
+ self.password = args.password
+ self.sso_admin_username = args.sso_admin_username
+ self.sso_admin_password = args.sso_admin_password
+ self.server = args.server
+ self.skipverification = args.skipverification
+
+ def run(self):
+ """
+ Converges the external PSC into the Management Node without shutting
+ down the Platform Services Controller.
+ """
+ session = get_unverified_session() if self.skipverification else None
+
+ sec_ctx = create_user_password_security_context(
+ self.username, self.password)
+ # TODO The following line to be deleted when API is changed to
+ # @Release type. As of now this is only for testing
+ app_ctx = ApplicationContext({SHOW_UNRELEASED_APIS: "True"})
+
+ connector = get_requests_connector(
+ session=session,
+ msg_protocol='json',
+ url='https://{0}:5480/api'.format(self.server),
+ provider_filter_chain=[
+ LegacySecurityContextFilter(
+ security_context=sec_ctx)])
+ connector.set_application_context(app_ctx)
+ stub_config = StubConfigurationFactory.new_std_configuration(connector)
+ deployment_type = DeploymentType(stub_config)
+ """
+ Running convergence task precheck.
+ Remove the line ", only_precheck = True" to perform convergence.
+ """
+ convergence_task = deployment_type.convert_to_vcsa_embedded_task(
+ DeploymentType.ConvergenceSpec(DeploymentType.PscInfo(
+ sso_admin_username=self.sso_admin_username,
+ sso_admin_password=self.sso_admin_password),
+ only_precheck=True))
+
+ print('Converge operation started with task ID: \n{0}'.format(
+ convergence_task.get_task_id()))
+
+
+def main():
+ """
+ Entry point for the sample client
+ """
+ converge = SampleConverge()
+ converge.run()
+
+
+if __name__ == '__main__':
+ main()
diff --git a/samples/vsphere/vcenter/converge/decommission_sample.py b/samples/vsphere/vcenter/converge/decommission_sample.py
new file mode 100644
index 00000000..82fc0073
--- /dev/null
+++ b/samples/vsphere/vcenter/converge/decommission_sample.py
@@ -0,0 +1,110 @@
+#!/usr/bin/env python
+"""
+* *******************************************************
+* Copyright (c) VMware, Inc. 2019. All Rights Reserved.
+* SPDX-License-Identifier: MIT
+* *******************************************************
+*
+* DISCLAIMER. THIS PROGRAM IS PROVIDED TO YOU "AS IS" WITHOUT
+* WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER ORAL OR WRITTEN,
+* EXPRESS OR IMPLIED. THE AUTHOR SPECIFICALLY DISCLAIMS ANY IMPLIED
+* WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY,
+* NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE.
+"""
+
+__author__ = 'VMware, Inc.'
+
+import requests
+
+
+from com.vmware.vcenter.topology_client import Pscs
+
+from samples.vsphere.common import sample_cli, sample_util
+from samples.vsphere.common.ssl_helper import get_unverified_session
+
+from vmware.vapi.lib.connect import get_connector, get_requests_connector
+from vmware.vapi.stdlib.client.factories import StubConfigurationFactory
+
+from vmware.vapi.security.user_password import \
+ create_user_password_security_context
+from vmware.vapi.core import ApplicationContext
+from vmware.vapi.lib.constants import SHOW_UNRELEASED_APIS
+
+
+class SampleDecommission(object):
+ """
+ Demonstrates Decommission operation for external PSC
+ Sample Prerequisites:
+ Embedded vCenter on linux platform with replication to Platform Services
+ Controller to be decommissioned
+ """
+ def __init__(self):
+ parser = sample_cli.build_arg_parser()
+ parser.add_argument(
+ '-psc_h', '--psc_host_name', action='store',
+ default='Sample_PSC_hostname',
+ help='Platform Services Controller FQDN / IP as per configuration')
+ parser.add_argument(
+ '-a', '--sso_admin_username', action='store',
+ default='Sample_PSC_username',
+ help='Platform Services Controller admin username')
+ parser.add_argument(
+ '-w', '--sso_admin_password', action='store',
+ default='Sample_PSC_Admin_Password',
+ help='Platform Services Controller admin password')
+
+ args = sample_util.process_cli_args(parser.parse_args())
+ self.psc_hostname = args.psc_host_name
+ self.username = args.username
+ self.password = args.password
+ self.sso_admin_username = args.sso_admin_username
+ self.sso_admin_password = args.sso_admin_password
+ self.server = args.server
+ self.skipverification = args.skipverification
+
+ def run(self):
+ """
+ Decommissions a PSC node from a Management Node
+ """
+ session = get_unverified_session() if self.skipverification else None
+
+ sec_ctx = create_user_password_security_context(
+ self.username, self.password)
+ # TODO The following line to be deleted when API is changed to
+ # @Release type. As of now this is only for testing
+ app_ctx = ApplicationContext({SHOW_UNRELEASED_APIS: "True"})
+
+ connector = get_requests_connector(
+ session=session,
+ msg_protocol='json',
+ url='https://{0}:5480/api'.format(self.server))
+ connector.set_security_context(sec_ctx)
+ connector.set_application_context(app_ctx)
+ stub_config = StubConfigurationFactory.new_std_configuration(connector)
+ pscs_obj = Pscs(stub_config)
+ """
+ Running decommission task precheck.
+ Remove the line ", only_precheck = True" to perform decommission.
+ """
+ decommission_task = pscs_obj.decommission_task(
+ self.psc_hostname,
+ Pscs.DecommissionSpec(
+ sso_admin_username=self.sso_admin_username,
+ sso_admin_password=self.sso_admin_password),
+ only_precheck=True)
+
+ print(
+ 'Decommission operation started with task ID: \n%s',
+ decommission_task.get_task_id())
+
+
+def main():
+ """
+ Entry point for the sample client
+ """
+ decommision_obj = SampleDecommission()
+ decommision_obj.run()
+
+
+if __name__ == '__main__':
+ main()