Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

General suggestion on API testing on RESTful Web API [closed]

Tags:

rest

web-api-testing

I am looking for your suggestions on the general workflow of setting up and executing an API testing mainly for RESTful Web API.

More specifically, I have puzzles of below points:

  1. Is API testing done by writing code (like unit test) or more by running tools?
  2. What kind result and report that API testing should generate?
  3. What kinds tests should covered by API testing?
like image 454
Shuping Avatar asked Oct 09 '13 02:10

Shuping

1 Answers

  1. Using unit tests you can check that implemented logic to fetch requested data is correct but it's not enough. To test API, things like data serialization/deserialization to various formats (JSON, XML, ATOM, ...), authorization & authentication, exception handling (translate application exceptions to HTTP error codes) should be check. API should be tested from client point of view. You can achieve it using tools that can send request similar to requests send by your clients i.e. jmeter.

  2. API tests should generate report with information which requests pass / fail. In case of failed request a response should be provided for further investigation. API tests should be integrated into CI.

  3. API testing should cover:

    • functional tests: valid requests to test different combination of arguments and parameters, prepare test scenario that simulate clients requests also invalid (bad) requests should be tested to check that there are handled properly and won't crash your application
    • security tests: check that requests from different clients don't influence each other
    • performance tests: measure response time from endpoints

Example

Let's assume that there is an endpoint /users with query parameters:

  • count (count > 0 & count <= 100, default 10)
  • startIndex (startIndex >=0, default 0)

Related test scenarios can be split into two groups: valid and invalid requests

Valid requests (always check response format):

  • GET /users - verify that response contains 10 items, starting from item 0
  • GET /users?count=1 - verify that response contains 1 item, starting from item 0
  • GET /users?count=100 - verify that response contains 100 item, starting from item 0
  • GET /users?startIndex=5 - verify that response contains 10 items, starting from item 5
  • GET /users?startIndex=200&count=100 - verify that response contains 100 items, starting from item 200
  • GET /users?startIndex=0&count=10 - verify that response contains 10 items, starting from item 0

Invalid requests:

  • GET /users?count=0 - verify that response code is 400
  • GET /users?count=-10 - verify that response code is 400
  • GET /users?count=foo - verify that response code is 400
  • GET /users?count=10bar - verify that response code is 400
  • GET /users?count=101 - verify that response code is 400
  • GET /users?startIndex=-1 - verify that response code is 400
  • GET /users?startIndex=foo - verify that response code is 400
  • GET /users?startIndex=foo&count=bar - verify that response code is 400
like image 89
ragnor Avatar answered Nov 01 '22 03:11

ragnor
Sign in to Comment

Related questions

How to access Failed Hangfire Jobs
What http return code should be if no data available
How to form protobuf resource part of http request body and test it through dhc client or postman for restful services
How to wrap JSON response from Spring REST repository?
Go Gin-Gonic, get text from POST request
Is it legal to have REST resource such as /currentUser in terms of RESTful and stateless?
Apache AVRO with Rest
Implementing "JSON Merge Patch" in ASP.NET Core - best way do differentiate between null and not defined property
Why HTTP method PUT should be idempotent and not the POST in implementation RestFul service?
CORS error when connecting local React frontend to local Spring Boot middleware application
JWT strings must contain exactly 2 period characters. Found: 0
Can I setup routes in Kohana to only match particular HTTP methods (GET/POST/etc)
python RESTful webservice framework: roll my own or is there a recommended library?
Difference between Get and post method in comparision with HTTP and REST
Idempotence of HTTP PUT and DELETE
REST api authenication with laravel
Handling 404 bad request in getJSON() jquery
AngularJS and Jersey REST DELETE operation fails with 415 Status code
Post data to RESTful Invalid HTTP status code 405
How to catch a 401 (or other status error) in an angular service call?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!