Version: Beta Updated On: 22/Oct/2018
Intro
UI Automation Testing is costly, mostly unstable ( because of various reasons ), time consuming and doesn’t give results as quickly as expected from stack holders. Developer will feel held up because of this.
Other complaints are; most of the times UI automation test case failure/s doesn’t give exact root cause/s of failure/s and developer needs to spend valuable time finding out root case of bug/s.
API testing goes a level deeper than UI Automation, it is fast , stable , easy to maintain and quick yields accurate info related to a bug ( mostly ).
Lets take example of a product ordering flow of an e-commerce website. As this is most critical feature of software; it must be constantly tested in PROD , QA and Dev environments. In this scenario API testing will help more than UI testing to find out problem/s quicker and inform about it much earlier.
Mark Watney Quote from The Martian movie “At some point, everything’s gonna go south on you and you’re going to say, this is it. This is how I end. Now you can either accept that, or you can get to work. That’s all it is. You just begin. You do the math. You solve one problem and you solve the next one, and then the next. And If you solve enough problems, you get to come home.” [ so true ; in everyday’s work of Automation Engineer ]
Index
1. What is API
2. Why API Testing Is Necessary
3. What Are Different Kinds Of API
4. API Related Common Info
5. Case Studies
6. API + Cucumber
7. Jenkins Integration ( CI Setup )
8. Jenkins + IRC Integration
9. Additional Info ( WIP )
10. Tools
1. What is API ?
1.1 http://www.quora.com/What-is-an-API
1.2 http://stackoverflow.com/questions/7440379/what-exactly-is-the-meaning-of-an-api
2. Why API testing is necessary ?
2.1 http://www.soapui.org/testing-dojo/world-of-api-testing/what-makes-api-testing-special-.html
2.2 http://www.guru99.com/api-testing.html
2.3 https://www.qasource.com/qalounge/4-advantages-of-api-testing/
2.4 API Testing ? Why it’s so important ( Joe Colantonio )
3. What are different kind of API ?
3.1 https://ffeathers.wordpress.com/2014/02/16/api-types/
3.2 http://theopentutorials.com/post/uncategorized/types-of-web-services-big-and-restful/
4. API Related Common Info
4.1 What is “cURL” ?
4.1.1 Conquering Command Line ( Ch. 3 cURL )
4.2 Different Response Status Codes
4.2.1 https://developer.spotify.com/web-api/user-guide/#response-status-codes
4.2.2. https://en.wikipedia.org/wiki/List_of_HTTP_status_codes
4.3 Why , What , How RESTful
4.3.1 http://www.drdobbs.com/web-development/restful-web-services-a-tutorial/240169069
5. Case Studies :
Case Study 1: Wunderlist + cURL
1. Create a new account in https://www.wunderlist.com 2. Goto https://developer.wunderlist.com/documentation , click on "MY APPS" 3. Create a new app 4. CLIENT_ID , CLIENT_SECRET , ACCESS_TOKEN XXXX4852acb2d8XXXXXX , XXXXX07fa01b277d19193162ae0381cf1e61619d160188dc2616eacXXXXX , XXXXX654bc6d4aed7432b1c6d2a43598d37ab8165ce16f4b1e2e1d0XXXXX https://developer.wunderlist.com/documentation/endpoints/user curl -i -H "X-Access-Token: XXXXX654bc6d4aed7432b1c6d2a43598d37ab8165ce16f4b1e2e1d0XXXXX -H "X-Client-ID: XXXX4852acb2d8XXXXXX" -X GET a.wunderlist.com/api/v1/user https://developer.wunderlist.com/documentation/endpoints/list curl -i -H "X-Access-Token: XXXXX654bc6d4aed7432b1c6d2a43598d37ab8165ce16f4b1e2e1d0XXXXX" -H "X-Client-ID: XXXX4852acb2d8XXXXXX -X GET a.wunderlist.com/api/v1/lists curl -i -H "X-Access-Token: XXXXX654bc6d4aed7432b1c6d2a43598d37ab8165ce16f4b1e2e1d0XXXXX" -H "X-Client-ID: XXXX4852acb2d8XXXXXX" -X GET a.wunderlist.com/api/v1/lists/16905XXXX curl -i -H "X-Access-Token: XXXXX654bc6d4aed7432b1c6d2a43598d37ab8165ce16f4b1e2e1d0XXXXX" -H "X-Client-ID: XXXX4852acb2d8XXXXXX" -H "Content-Type: application/json; charset=utf-8" -X GET a.wunderlist.com/api/v1/tasks?list_id=XXX052XXX curl -i -H "X-Access-Token: XXXXX654bc6d4aed7432b1c6d2a43598d37ab8165ce16f4b1e2e1d0XXXXX" -H "X-Client-ID: XXXX4852acb2d8XXXXXX" -X GET a.wunderlist.com/api/v1/avatar?user_id=XX945XXX curl -i -H "X-Access-Token: XXXXX654bc6d4aed7432b1c6d2a43598d37ab8165ce16f4b1e2e1d0XXXXX" -H "X-Client-ID: XXXX4852acb2d8XXXXXX" -H "Content-Type: application/json; charset=utf-8" -X POST a.wunderlist.com/api/v1/lists -d '{"title":"new-list"}' curl -i -H "X-Access-Token: XXXXX654bc6d4aed7432b1c6d2a43598d37ab8165ce16f4b1e2e1d0XXXXX -H "X-Client-ID: XXXX4852acb2d8XXXXXX " -H "Content-Type: application/json; charset=utf-8" -X POST a.wunderlist.com/api/v1/tasks -d '{"list_id":XXX0528XX, "title":"vikram-tasks"}' curl -H "X-Access-Token: XXXXX654bc6d4aed7432b1c6d2a43598d37ab8165ce16f4b1e2e1d0XXXXX" -H "X-Client-ID: XXXX4852acb2d8XXXXXX" -H "Content-Type: application/json" -X PATCH a.wunderlist.com/api/v1/lists/169075159 -d '{"revision":1,"title":"XXXXX"}' curl -i -H "X-Access-Token: XXXXX654bc6d4aed7432b1c6d2a43598d37ab8165ce16f4b1e2e1d0XXXXX" -H "X-Client-ID: XXXX4852acb2d8XXXXXX" -X DELETE a.wunderlist.com/api/v1/lists/169074217?revision=1 File Upload - 4 API calls stat -f%z KYC.png -> gives file size in bytes curl -i -H "X-Access-Token: dummy" -H "X-Client-ID: dummy" -H "Content-Type: application/json; charset=utf-8" -X POST a.wunderlist.com/api/v1/uploads -d '{"content_type":"image/png","file_name":"KYC.png","file_size":"530145"}' 201 Created From response body get values of "url" , "authorization" , "date" to use in below cURL call Option 1: Works only when curl is called in same directory as file curl -i -H 'Authorization: AWS ...' -H 'x-amz-date: Tue, 29 Dec 2015 16:10:16 UTC +00:00' -H 'Content-Type: ' -X PUT 'https://upload.wunderlist.io/..' Option 2: curl -i -H 'Authorization: AWS...' -H 'x-amz-date: Mon, 04 Jan 2016 14:26:19 UTC +00:00' -H 'Content-Type: ' -X PUT 'https://upload.wunderlist.io/..' --upload-file "/Users/vikram-anna/Desktop/Rocky.jpg" 200 OK curl -i -H "X-Access-Token: dummy -H "X-Client-ID: dummy -H "Content-Type: application/json; charset=utf-8" -X PATCH a.wunderlist.com/api/v1/uploads/45936173 -d'{"state":"finished"}' 200 OK curl -i -H "X-Access-Token: dummy -H "X-Client-ID: dummy -H "Content-Type: application/json; charset=utf-8" -X POST a.wunderlist.com/api/v1/files -d '{"upload_id":45936173,"task_id":1548767307}' 201 Created curl -i -H "X-Access-Token: dummy" -H "X-Client-ID: dummy " -H "Content-Type: application/json; charset=utf-8" -X POST a.wunderlist.com/api/v1/folders -d '{"title":"FOLDER-API", "list_ids":[231294978]}' 201 Created
Case Study 2: Twitter API + Postman
Refer to youtube video names "Using Postman for Chrome to Connect To Twitter API" Terminologies apps.twitter.com/app/1234567/keys Application Settings 1. Consumer Key ( API Key ) 2. Consumer Secret ( API Secret ) Your Access Token 1. Access Token 2. Access Token Secret https://dev.twitter.com/rest/public
Case Study 3: Spotify ( WIP )
3.1 Types of API requests ?
3.1.1 https://developer.spotify.com/web-api/user-guide/
3.2 Web API Tutorial
3.2.1 https://developer.spotify.com/web-api/tutorial/
3.3 Spotify API Console
3.3.1 https://developer.spotify.com/web-api/console/
3.4 Understanding the Spotify Web API
3.4.1 https://labs.spotify.com/2015/03/09/understanding-spotify-web-api/
3.5 API References
3.5.1 https://developer.spotify.com/web-api/endpoint-reference/
Case Study 4 : https://trello.com/ ( WIP )
6. API + Cucumber
http://stackoverflow.com/questions/16741490/rest-api-test-cucumber-steps-best-practice
https://github.com/jayzes/cucumber-api-steps
https://github.com/DigitalInnovation/cucumber_rest_api
http://www.joecolantonio.com/2014/02/26/rest-testing-with-java-part-two-getting-started-with-rest-assured/
7. Jenkins Integration ( CI Setup )
- Once you’ve automated test cases, create job in Jenkins to run these every X minutes/hours on daily basis and send out email with detailed report of PASS/FAIL
- This way it’s much faster to monitor prod env health with quick checks
- Email notification can be configured to send out failure emails to PM,Dev & as QA you should receive all the emails
- It can also be run whenever there are changes in backend code as well.
- You can configure job as per project requirements
8. Jenkins + IRC Integration
9 . Additional Info ( WIP )
1. Automation & Testing REST API By Alan Richardson ( eviltester )
2. https://github.com/brooklynDev/airborne ( RSpec driven API testing framework )
3. http://stackoverflow.com/questions/9772933/rest-api-request-body-as-json-or-plain-post-data
4. Introduction To RestAssured Java REST API library for Test Automation ( EvilTester – Software Testing )
5. Java DSL for easy testing of REST services
6. https://github.com/vikramvi/RESTful-api-automation ( Demo project for reference to newcomers )
7. http://testdetective.com/building-rest-testing-framework/ ( Building micro services testing framework )
8. http://awesome-testing.blogspot.com/2016/07/restful-api-testing-with-rest-assured-1.html . ( RESTful API Testing with Rest-Assured )
9. http://www.joecolantonio.com/2014/04/24/rest-assured-how-to-post-a-json-request/ ( How To Post A JSON Request : REST Assured )
10. http://www.ontestautomation.com/testing-rest-services-with-rest-assured ( Testing REST services with REST Assured – Bas Dijkstra )
http://www.ontestautomation.com/open-sourcing-my-workshop-an-experiment/
( Refer to blog conversation @ integration testing August 10, 2016 at 10:25 am )
11. Testing RESTful Web Services Made Easy Using REST-assured framework ( Very descriptive & useful explanation, multiple scenarios including Auth covered )
12. chrome://net-internals Chrome net-internal tool to check traffic https://www.smartfile.com/blog/using-chromes-net-internals-chromenet-internals/
13. http://james-willett.com/category/rest-assured/ ( James Willet – Technical Testing )
http://james-willett.com/2015/06/getting-up-and-running-with-rest-assured/
http://james-willett.com/2015/06/extracting-a-json-response-with-rest-assured/
14. Contract Testing / Consumer Driver Contract Testing with Pact
https://cucumber.io/blog/2018/05/04/contract-testing-with-pact
https://blog.risingstack.com/consumer-driven-contract-testing-with-pact/
15. Contract Tests vs Functional Tests
https://docs.pact.io/best_practices/contract_tests_not_functional_tests.html
10. Tools
1. Paw
2. Postman
http://www.lunarlincoln.com/tools-we-love-paw/