Smarttesting - every software deserves one Getting started with REST API Testing
Andrei-Mihai Contan • Tester for more than 12 years, currently a Test Architect, co-founder of Romanian Testing Conference and triathlete About me • Phd Student – “Convergence of Social Sciences in the area of Software Testing” • Software Testing Trainer • Founder of Smarttesting Services • Global Judge in the STWC
• “Is there some broken manual somewhere that needs to be fixed?” What is REST? Roy Thomas Fielding, REST inventor
• REST API Google Trends – as of April, 2017 What is REST?
What is REST?
What is REST? Is this just Almost each Internet is full ….but what another product claims of articles does REST presentation to be RESTful about REST mean? about REST?
• An architectural style • A set of guidelines for distributed hypermedia systems REST is… • A wide majority of people claim that their product is RESTful, but in fact it is not.
• REST is defined as a set of architectural constraints . An REST is… application which fulfills all the constraints can be called RESTful
1. Uniform interface 2. Client-server 3. Stateless 4. Cache (Client or Server level) REST CONSTRAINTS 5. Layered system ( Data Access Layer, Business Logic Layer, Presentation Layer)
Architecture with API Architecture w/out API
• a Protocol – SOAP Is • an API • HTTP REST is not… • client • a magic solution for everything
• RE presentational S tate T ransfer is an abstraction of the architectural elements within distributed hypermedia system. • REST ignores details of component REST implementation and protocol syntax in order to focus on the role of components, constraints of their interaction and their interpretation
Benefits of REST Performance Scalability Simplicity Modifiability Visibility Portability Reliability http://whatisrest.com/rest_architectural_goals/index
• REST can be applied on HTTP • HTTP = HyperText Transfer – PROTOCOL REST? • REST suggests how the protocol must be used
Who uses REST?
Who uses REST?
HTTP CALL HTTP CALL
• protocol://url:port/reso REST over HTTP urces?queryParameters Template
REST Format - URI Example GET https://api.randomuser.me/users?nat=GB&gender=male Query Params resource HTTP Verb URL Protocol QueryParams Delimiter QuestionMark
HTTP verbs • HTTP verbs are used to describe the type of action in a CRUD model Operation Type HTTP verb Obs CREATE POST Creates data READ GET Retrieves data UPDATE PUT Modifies data DELETE DELETE Deletes Data
Maslow’s Pyramid of API needs “Teams need to look beyond just testing for functional and behavioral SOLUTION completeness. They need to move upward to ensure what they are externalizing to internal and/or external developers is complete.” BEHAVIORAL
Testing Pyramid
Testing Pyramid Testing Scales https://www.joecolantonio.com/2015/12/09/w hy-the-testing-pyramid-is-misleading-think- scales/
How to test REST API? Behavioral API Contractual API Solution-oriented Testing Testing API Testing
SFDIPOT
SFDIPOT
SFDIPOT
SFDIPOT
Choosing the right tool • D.E.B.U.T. • D ata Driven support • E nvironment management • B udget/Licensing • U ser Friendly • T echnology agnostic
• PostMan Client • SoapUI • BurpSuite • RestAssured • RestSharp • Swagger UI • Frisby.JS Some tools available • cURL • Mocha • Fiddler • ….many more • OWASP ZAP • Advanced Rest
K. K.I.L.L. I I.T. K now your Identify L ook at your L ook for I dentify T est it API i nput API as a endpoints types of thoroughly parameters product operations and types
Test it thoroughly 01 02 03 04 05 06 07 Error Error Params SQL Concurren Content- Data handling codes tampering Injections cy Types validation
• Architecture knowledge • Communication skills • HTTP(s)/ TCP/ SSH - protocol REST TESTING SKILLS knowledge • Testing techniques
• REST is an architectural style, a guideline • Benefits of REST • Maslow’s Pyramid of API needs Summary • Learning your API - K.I.L.L.I.T. • Choosing the right tool - D.E.B.U.T • Skills
Recommend
More recommend
