Leanpub Header

Skip to main content
Go to Leanpub.comLeanpub

Automating and Testing a REST API

A Case Study in API testing using: Java, REST Assured, Postman, Tracks, cURL and HTTP Proxies

Alan Richardson

A detailed look at the thought processes and techniques for testing a REST API based application.

Starting with interactive testing using the GUI, cURL and HTTP Proxies, we move on to automating the REST API using Java and REST Assured.

The case study uses an Open Source application and free and tools.

Minimum price

$9.99

$14.99

You pay

$14.99

Author earns

$11.99
$

...Or Buy With Credits!

You can get credits monthly with a Reader Membership
PDF
EPUB
WEB
900
Readers
258
Pages
About

About

About the Book

Have you ever wished that you had a worked example of how to test a REST API? Not just automate the API, but how to interact with it, using command line and GUI tools, to support your manual interactive testing. Then take your testing forward into automating the API?

That's what this book provides. A step by step case study covering:

  • How to read the REST API documentation.
  • How to tell if the application is using the API.
  • How to interact with the API from the command line with cURL.
  • Automating with BASH and Windows Command Line.
  • Sending API requests through an HTTP Proxy so you can see in detail the requests and responses.
  • How to use HTTP Proxies to create data in the application through Fuzzing.
  • Postman REST API GUI tool.
  • Automate 'under the GUI' parts of the application that don't have an API.
  • Automate the API with Java using REST Assured.
  • Build abstraction code to make your automated efforts readable and maintainable.
  • JSON and XML parsing with Serialization and Deserialization.

The book is fully supported by executable code which you can find on GitHub, and the support page for the book has sample videos showing some of the early steps in the case study in detail.

By working through this case study you will be able to interact with an API from the command line, GUI tools, HTTP messages in Proxies and with Java code.

Over the last few years, the Author has used the Open Source Tracks application as an example testing target to teach: Technical Web Testing, Automating GUIs and REST API Testing.

This book collates the preparatory work and teaching from the REST API workshops. The code from the workshops is included: for creating users, generating random data, testing basic API calls with PUT, GET, POST and DELETE.

Also the early steps of exploring and investigating the API interactively to support manual technical testing are explained in depth.

Share this book

Categories

TestingWeb DevelopmentAPIs

Feedback

Email the Author

Author

About the Author

Alan Richardson

Alan Richardson has worked as a Software professional since 1995 (although it feels longer). Primarily working with Software Testing, although he has written commercial software in C++, and a variety of other languages.

Alan has a variety of on-line training courses, both free and commercial:

  • "Selenium 2 WebDriver With Java"
  • "Start Using Selenium WebDriver"
  • "Technical Web Testing"

You can find details of his other books, training courses, conference papers and slides, and videos, on his main company web site:

Alan maintains a number of web sites:

Alan tweets using the handle @eviltester

Leanpub Podcast

Episode 30

An Interview with Alan Richardson

Contents

Table of Contents

Introduction

Introduction to APIs

  1. What Is a Web Application?
  2. Google Is an Example of a Web Application
  3. What Is an API?
  4. What Is an HTTP Request?
  5. What Is a URL?
  6. What Are HTTP Verbs?
  7. What Is an HTTP Response?
  8. What Is an HTTP Status Code?
  9. What Are Payloads?
  10. What Is JSON?
  11. What Is XML?
  12. What Are HTTP Headers?
  13. What Is Authentication?
  14. What Is REST?
  15. What Tools Are Used for Accessing an API?
  16. Example APIs
  17. Recommended Reading
  18. Summary

Introducing Tracks Case Study

  1. Support Page
  2. How to Use This Case Study
  3. Source Code Location
  4. Case Study Contents Overview
  5. Why Test Tracks?
  6. What Is Tracks and GTD?
  7. Summary

Installing Tracks

  1. Official Tracks Install
  2. Pre-Built Virtual Machines
  3. Using Virtual Machines
  4. Summary

A Tour of Tracks

  1. Why Learn the GUI If We Are Testing the API?
  2. Login
  3. Home Screen
  4. Starred Screen
  5. Projects
  6. Admin
  7. Basic Functions to Use and Check in the API
  8. Summary

The Tracks REST API

  1. What Is a REST API?
  2. Tracks REST API Documentation
  3. API Doc Examples
  4. General HTTP REST Return Codes
  5. Summary

Using a Proxy to View GUI Traffic

  1. Why?
  2. How?
  3. Viewing Traffic
  4. Implications
  5. Summary

Using a Proxy and Fuzzer to Create Users

  1. Tools
  2. Capture and Resend the Create User Request
  3. We Learned
  4. Using OWASP ZAP Proxy
  5. Capture Traffic in ZAP and Use the Fuzzer
  6. Multiple Users Created
  7. Quick Tip - Creating Data in a Spreadsheet
  8. Summary

Case Study Example Using cURL on Tracks

  1. What Is cURL?
  2. Case Study Details
  3. Installing cURL
  4. Reading the Examples in Tracks Documentation
  5. Try the Tracks API Examples
  6. Tracks GET API Calls
  7. Adding Data
  8. Amending Data
  9. Deleting Data
  10. Additional References
  11. Summary

Exploring the Tracks API with cURL Through a Proxy

  1. Using a Proxy with cURL
  2. For Debugging
  3. For Exploration
  4. For Simple Scope Coverage
  5. Summary

cURL Summary

Exploring Tracks API with Postman REST Client

  1. The GUI
  2. Issue Requests
  3. Postman Collections
  4. Environment Variables
  5. Authentication
  6. Using Postman Through a Proxy
  7. Recreate cURL Requests in Postman
  8. Summary

How to Use the Source Code

  1. Source Code Location
  2. How to Use the Source Code
  3. Summary

Starting to Automate

  1. Why Explore First?
  2. Choosing a Java Library
  3. REST Assured Overview
  4. REST Assured Related Reading
  5. Summary

The Case Study Overview - Testing Tracks v 2.3.0

  1. The Tools
  2. Code Location
  3. The Approach
  4. What I Automated
  5. Summary

The Case Study Creating Users with ‘App as API’

  1. Creating a User In Tracks via the API
  2. Does This Mean We Have to Stop Automating Here?
  3. How to Create a User
  4. ‘App as API’
  5. Investigating How to Treat the APP as API
  6. What Requests Do I Need?
  7. How Do We Do That?
  8. TracksAppAsApi
  9. Login Via “App as API”
  10. Summary

The Case Study - Create Random Users Utility @Test

  1. A Utility @Test Case
  2. The Main Utility @Test Method
  3. Configuring the @Test User Creation Utility
  4. Local Abstractions Overview
  5. Summary

The Case Study - API Abstraction

  1. Overview of the API Abstractions
  2. TracksApiEndPoints Explained
  3. TracksApi
  4. Domain Objects
  5. Summary

The Case Study - Sending HTTP Calls using REST Assured

  1. HttpMessageSender
  2. Summary

The Case Study - the Test Code Explored

  1. What Makes It ‘test’?
  2. TestEnvDefaults
  3. Synchronisation
  4. Synchronisation with Wait
  5. TracksResponseProcessor
  6. Summary

The Case Study - the Authentication @Test Methods Explored

  1. Evolving the Authentication Tests
  2. AuthenticationTest
  3. Final Test
  4. Summary

The Case Study - the Project @Test Methods Explored

  1. Create Project
  2. Amend
  3. Delete
  4. Summary

The Case Study - the Task @Test Methods Explored

  1. Supporting Private Methods
  2. Create
  3. Delete
  4. Summary

REST Assured JSON and XML Processing

  1. Code Example Location
  2. What Is XML?
  3. What Is JSON?
  4. REST Assured JSON and XML Parsing
  5. XML Attributes with GPath
  6. JsonPath and XmlPath
  7. Parsing from File or String
  8. Parsing from URI
  9. Deserialization to Objects
  10. Deserialization in Practice
  11. Serialization in Practice
  12. More Information
  13. Summary

Summary of REST Assured

  1. Adding REST Assured with Maven
  2. Setting a Proxy for REST Assured
  3. Sending Message with REST Assured
  4. given, when, then
  5. Using given to Set the Message Details
  6. Using when to Make HTTP Requests
  7. Using then to Process Response
  8. Basic Example
  9. Assertions Using body in then
  10. JsonPath and XmlPath
  11. Serialization and Deserialization
  12. Summary

Suggested Exercises

  1. Installation Exercises
  2. Coding Exercises
  3. Refactor and Expand
  4. Summary

Future Refactoring

  1. Instead of Returning a Response Object
  2. What Would You Do?
  3. Refactoring Resources
  4. Summary

Conclusions and Summary

  1. Next Steps
  2. Reminder of the Non-Obvious
  3. App as API
  4. REST Assured Wrapped with Abstractions
  5. Test Data Creation Through Web Scraping
  6. Random Test Data Creation
  7. Extensive Abstraction Creation
  8. Summary

Appendix - Random Data Creation for v 2.3.0 Testing

  1. Symbol Replacement
  2. Interface TestDataRetriever
  3. RandomFoodBackedDataRetriever
  4. Generating a Project Name or TODO
  5. Summary

Appendix - Other REST GUI Clients

  1. Chrome Applications
  2. Desktop Applications
  3. Firefox Plugin
  4. IDE and Editor Plugins

Appendix - HTTP Debug Proxy and Proxy Support Tools

Appendix - Creating Random Data for Tracks v 2.2.0 Testing

  1. Approach
  2. Scraping Data Support Classes
  3. Scraping Data Code
  4. Testing the Utility @Test Class
  5. Setup Data with the Utility @Test Class

Exploring Tracks API with Postman REST Client

  1. Using Postman Through a Proxy
  2. Shared Cookie Jar Gotcha

About the Author

Get the free sample chapters

Click the buttons to get the free sample in PDF or EPUB, or read the sample online here

Download Sample PDFDownload Sample EPUB

The Leanpub 60 Day 100% Happiness Guarantee

Within 60 days of purchase you can get a 100% refund on any Leanpub purchase, in two clicks.

Now, this is technically risky for us, since you'll have the book or course files either way. But we're so confident in our products and services, and in our authors and readers, that we're happy to offer a full money back guarantee for everything we sell.

You can only find out how good something is by trying it, and because of our 100% money back guarantee there's literally no risk to do so!

So, there's no reason not to click the Add to Cart button, is there?

See full terms...

Earn $8 on a $10 Purchase, and $16 on a $20 Purchase

We pay 80% royalties on purchases of $7.99 or more, and 80% royalties minus a 50 cent flat fee on purchases between $0.99 and $7.98. You earn $8 on a $10 sale, and $16 on a $20 sale. So, if we sell 5000 non-refunded copies of your book for $20, you'll earn $80,000.

(Yes, some authors have already earned much more than that on Leanpub.)

In fact, authors have earned over $14 million writing, publishing and selling on Leanpub.

Learn more about writing on Leanpub

Free Updates. DRM Free.

If you buy a Leanpub book, you get free updates for as long as the author updates the book! Many authors use Leanpub to publish their books in-progress, while they are writing them. All readers get free updates, regardless of when they bought the book or how much they paid (including free).

Most Leanpub books are available in PDF (for computers) and EPUB (for phones, tablets and Kindle). The formats that a book includes are shown at the top right corner of this page.

Finally, Leanpub books don't have any DRM copy-protection nonsense, so you can easily read them on any supported device.

Learn more about Leanpub's ebook formats and where to read them

Write and Publish on Leanpub

You can use Leanpub to easily write, publish and sell in-progress and completed ebooks and online courses!

Leanpub is a powerful platform for serious authors, combining a simple, elegant writing and publishing workflow with a store focused on selling in-progress ebooks.

Leanpub is a magical typewriter for authors: just write in plain text, and to publish your ebook, just click a button. (Or, if you are producing your ebook your own way, you can even upload your own PDF and/or EPUB files and then publish with one click!) It really is that easy.

Learn more about writing on Leanpub