Version:   Beta                                                                       Updated On:  07/Aug/2017


Intro

          UI Automation Testing is costly, mostly unstable ( because of various reasons ), time consuming and doesn’t give results as quickly as expected from stack holders. Developer will feel held up because of this. 


Other complaints are; most of the times UI automation test case failure/s doesn’t give exact root cause/s of failure/s and developer needs to spend valuable time finding out root case of bug/s.


API testing goes a level deeper than UI Automation, it is fast , stable , easy to maintain and quick yields accurate info related to a bug ( mostly ).


Lets take example of a product ordering flow of an e-commerce website. As this is most critical feature of software; it must be constantly tested in PROD , QA and Dev environments. In this scenario API testing will help more than UI testing to find out problem/s quicker and inform about it much earlier.

Mark Watney Quote from The Martian movie “At some point, everything’s gonna go south on you and you’re going to say, this is it. This is how I end. Now you can either accept that, or you can get to work. That’s all it is. You just begin. You do the math. You solve one problem and you solve the next one, and then the next. And If you solve enough problems, you get to come home.” [ so true ; in everyday’s work of Automation Engineer ]

Index 

1.  What is API

2.  Why API Testing Is Necessary

3.  What Are Different Kinds Of API

4.  API Related Common Info    

5.  Case Studies

6.  API + Cucumber

7.  Running API Test Cases Constantly and Sending out reports ( TBD )

8.  IRC Integration to run , post results etc ( TBD )

9.  Additional Info

10.  Tools

 

1. What is API ?


1.1  http://www.quora.com/What-is-an-API

     1.2  http://stackoverflow.com/questions/7440379/what-exactly-is-the-meaning-of-an-api


2.  Why API testing is necessary ?


2.1  http://www.soapui.org/testing-dojo/world-of-api-testing/what-makes-api-testing-special-.html


2.2   http://www.guru99.com/api-testing.html

      2.3    https://www.qasource.com/qalounge/4-advantages-of-api-testing/


3.  What are different kind of API ?


3.1   https://ffeathers.wordpress.com/2014/02/16/api-types/


3.2   http://theopentutorials.com/post/uncategorized/types-of-web-services-big-and-restful/


4.  API Related Common Info

4.1   What is “cURL” ?

               4.1.1  9 uses for cURL worth knowing

4.2   Different Response Status Codes


4.2.1 https://developer.spotify.com/web-api/user-guide/#response-status-codes

                4.2.2. https://en.wikipedia.org/wiki/List_of_HTTP_status_codes

4.3   Why , What , How  RESTful

       

                4.3.1    http://www.drdobbs.com/web-development/restful-web-services-a-tutorial/240169069

                  4.3.2  http://www.quora.com/Is-REST-a-better-approach-for-Web-Services-than-SOAP-Or-they-are-different-tools-for-different-purposes


5. Case Studies : 

Case Study 1:   Wunderlist  + cURL

1.  Create a new account in https://www.wunderlist.com 

2.  Goto https://developer.wunderlist.com/documentation , click on “MY APPS”

3.  Create a new app 

4.  CLIENT_ID , CLIENT_SECRET , ACCESS_TOKEN 

XXXX4852acb2d8XXXXXX , XXXXX07fa01b277d19193162ae0381cf1e61619d160188dc2616eacXXXXX , 

XXXXX654bc6d4aed7432b1c6d2a43598d37ab8165ce16f4b1e2e1d0XXXXX

https://developer.wunderlist.com/documentation/endpoints/user

curl -i -H “X-Access-Token: XXXXX654bc6d4aed7432b1c6d2a43598d37ab8165ce16f4b1e2e1d0XXXXX  -H “X-Client-ID: XXXX4852acb2d8XXXXXX” -X GET a.wunderlist.com/api/v1/user


https://developer.wunderlist.com/documentation/endpoints/list

curl -i -H “X-Access-Token: XXXXX654bc6d4aed7432b1c6d2a43598d37ab8165ce16f4b1e2e1d0XXXXX” -H “X-Client-ID: XXXX4852acb2d8XXXXXX  -X GET a.wunderlist.com/api/v1/lists

curl -i -H “X-Access-Token: XXXXX654bc6d4aed7432b1c6d2a43598d37ab8165ce16f4b1e2e1d0XXXXX” -H “X-Client-ID: XXXX4852acb2d8XXXXXX”  -X GET a.wunderlist.com/api/v1/lists/16905XXXX

curl -i -H “X-Access-Token: XXXXX654bc6d4aed7432b1c6d2a43598d37ab8165ce16f4b1e2e1d0XXXXX”  -H “X-Client-ID: XXXX4852acb2d8XXXXXX” -H “Content-Type: application/json; charset=utf-8” -X GET a.wunderlist.com/api/v1/tasks?list_id=XXX052XXX

curl -i -H “X-Access-Token: XXXXX654bc6d4aed7432b1c6d2a43598d37ab8165ce16f4b1e2e1d0XXXXX”  -H “X-Client-ID: XXXX4852acb2d8XXXXXX” -X GET a.wunderlist.com/api/v1/avatar?user_id=XX945XXX

curl -i -H “X-Access-Token: XXXXX654bc6d4aed7432b1c6d2a43598d37ab8165ce16f4b1e2e1d0XXXXX” -H “X-Client-ID: XXXX4852acb2d8XXXXXX” -H “Content-Type: application/json; charset=utf-8”  -X POST a.wunderlist.com/api/v1/lists -d ‘{“title”:”new-list”}’

curl -i -H “X-Access-Token: XXXXX654bc6d4aed7432b1c6d2a43598d37ab8165ce16f4b1e2e1d0XXXXX  -H “X-Client-ID: XXXX4852acb2d8XXXXXX ” -H “Content-Type: application/json; charset=utf-8” -X POST a.wunderlist.com/api/v1/tasks -d ‘{“list_id”:XXX0528XX, “title”:”vikram-tasks”}’

curl -H “X-Access-Token: XXXXX654bc6d4aed7432b1c6d2a43598d37ab8165ce16f4b1e2e1d0XXXXX” -H “X-Client-ID: XXXX4852acb2d8XXXXXX” -H “Content-Type: application/json”  -X PATCH a.wunderlist.com/api/v1/lists/169075159 -d ‘{“revision”:1,”title”:”XXXXX”}’

curl -i -H “X-Access-Token: XXXXX654bc6d4aed7432b1c6d2a43598d37ab8165ce16f4b1e2e1d0XXXXX” -H “X-Client-ID: XXXX4852acb2d8XXXXXX”   -X DELETE a.wunderlist.com/api/v1/lists/169074217?revision=1


File Upload – 4 API calls


stat -f%z  KYC.png   -> gives file size in bytes

curl -i -H “X-Access-Token: dummy” -H “X-Client-ID: dummy” -H “Content-Type: application/json; charset=utf-8”  -X POST a.wunderlist.com/api/v1/uploads -d ‘{“content_type”:”image/png”,”file_name”:”KYC.png”,”file_size”:”530145″}’

201 Created

From response body get values of “url” , “authorization” , “date” to use in below cURL call

Option 1: Works only when curl is called in same directory as file 

curl -i -H ‘Authorization: AWS …’ -H ‘x-amz-date: Tue, 29 Dec 2015 16:10:16 UTC +00:00’ -H ‘Content-Type: ‘ -X PUT  ‘https://upload.wunderlist.io/..’ 

Option 2:

curl -i -H ‘Authorization: AWS…’ -H ‘x-amz-date: Mon, 04 Jan 2016 14:26:19 UTC +00:00’ -H ‘Content-Type: ‘ -X PUT  ‘https://upload.wunderlist.io/..’  –upload-file “/Users/vikram-anna/Desktop/Rocky.jpg”

200 OK

curl -i -H “X-Access-Token: dummy  -H “X-Client-ID: dummy  -H “Content-Type: application/json; charset=utf-8”  -X PATCH a.wunderlist.com/api/v1/uploads/45936173  -d'{“state”:”finished”}’

200 OK

curl -i -H “X-Access-Token: dummy  -H “X-Client-ID: dummy  -H “Content-Type: application/json; charset=utf-8”  -X POST a.wunderlist.com/api/v1/files -d ‘{“upload_id”:45936173,”task_id”:1548767307}’


201 Created

curl -i -H “X-Access-Token: dummy”  -H “X-Client-ID: dummy ” -H “Content-Type: application/json; charset=utf-8” -X POST a.wunderlist.com/api/v1/folders -d ‘{“title”:”FOLDER-API”, “list_ids”:[231294978]}’

201 Created 

 

Case Study 2:   Twitter API  + Postman

Refer to youtube video names “Using Postman for Chrome to Connect To Twitter API


Terminologies


apps.twitter.com/app/1234567/keys

Application Settings


1. Consumer Key      ( API Key )


2.  Consumer Secret ( API Secret ) 

Your Access Token


1. Access Token 


2. Access Token Secret

https://dev.twitter.com/rest/public 

 

Case Study 3:   Spotify ( WIP )

3.1   Types of API requests ?

        3.1.1 https://developer.spotify.com/web-api/user-guide/ 

3.2   Web API Tutorial

       3.2.1 https://developer.spotify.com/web-api/tutorial/

3.3   Spotify API Console

3.3.1 https://developer.spotify.com/web-api/console/

3.4   Understanding the Spotify Web API

3.4.1 https://labs.spotify.com/2015/03/09/understanding-spotify-web-api/

3.5   API References


3.5.1 https://developer.spotify.com/web-api/endpoint-reference/

 

Case Study 4 :  https://trello.com/  ( WIP )


https://trello.com/docs/

 

6.  API + Cucumber     

http://stackoverflow.com/questions/16741490/rest-api-test-cucumber-steps-best-practice

https://github.com/jayzes/cucumber-api-steps

https://github.com/DigitalInnovation/cucumber_rest_api

http://www.joecolantonio.com/2014/02/26/rest-testing-with-java-part-two-getting-started-with-rest-assured/

 

7. Running API Test Cases Constantly and Sending out reports ( TBD )

 

8. IRC Integration to run , post results etc ( TBD )

9 . Additional Notes ( WIP )

https://github.com/brooklynDev/airborneRSpec driven API testing framework )

??.  What is “REST”

??. Difference between REST and RESTful


??  What , Why “Node.js”


??  What is “JSON Object” ?

?? JSON vs Form Params


http://stackoverflow.com/questions/9772933/rest-api-request-body-as-json-or-plain-post-data

??  rest-assured ( Open Source Framework based on Java Language ) 

Introduction To RestAssured Java REST API library for Test Automation ( EvilTester – Software Testing )

Java DSL for easy testing of REST services


https://github.com/jayway/rest-assured


https://github.com/jayway/rest-assured/wiki/GettingStarted

https://github.com/vikramvi/RESTful-api-automation

( Demo project for reference to newcomers )

http://testdetective.com/building-rest-testing-framework/ ( Building micro services testing framework )

http://awesome-testing.blogspot.com/2016/07/restful-api-testing-with-rest-assured-1.html


( RESTful API Testing with Rest-Assured )

http://www.joecolantonio.com/2014/04/24/rest-assured-how-to-post-a-json-request/ (  How To Post A JSON Request : REST Assured )


http://www.ontestautomation.com/testing-rest-services-with-rest-assured (  Testing REST services with REST Assured )

http://www.ontestautomation.com/open-sourcing-my-workshop-an-experiment/

( Refer to conversation August 10, 2016 at 10:25 am )



http://www.hascode.com/2011/10/testing-restful-web-services-made-easy-using-the-rest-assured-framework/#Authentication  

chrome://net-internals Chrome net-internal tool to check traffic https://www.smartfile.com/blog/using-chromes-net-internals-chromenet-internals/

http://james-willett.com/category/rest-assured/ ( James Willet – Technical Testing )


http://james-willett.com/2015/06/getting-up-and-running-with-rest-assured/

http://james-willett.com/2015/06/extracting-a-json-response-with-rest-assured/ 


10. Tools 

1.  Paw

2.  Postman

http://www.lunarlincoln.com/tools-we-love-paw/

Advertisements