SlideShare a Scribd company logo

Web_service_testing_finall

Download as PPTX, PDF
M
Manjyot Singh

Manjyot Singh and Ruchika Rawat gave an introduction to API testing using REST-Assured. They discussed the basics of REST and SOAP web services. REST-Assured was presented as a Java DSL for testing RESTful web services, allowing users to make HTTP requests and assertions on the responses. Examples were provided for common requests like GET, POST, PUT, and DELETE. Response parsing and authentication were also demonstrated. Other tools were mentioned and references provided for further reading.

1 of 28
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
Manjyot Singh Ruchika Rawat API Testing Workshop
Introduction [ { "speaker": { "id": "007", "name": "Manjyot Singh", "role": "QA" } }, { "speaker": { "id": "001", "name": "Ruchika Rawat", "role": "QA" } } ]
What is a web service – QA point of view? A method of communication between two web applications
Let’s play a video...
Example
Classifications
REST Vs SOAP
???
SOAP ● Simple object access protocol. ● Used for exchange of information on distributed platform using XML. ● Works mainly with HTTP, HTTPS. ● HTTP makes SOAP go around firewalls. ● Slower when using large XML messages.
???
REST ● Representational State Transfer. ● REST architectural style, data and functionality are considered resources and are accessed using Uniform Resource Identifiers (URIs). ● Resources are manipulated using a fixed set of four create, read, update, delete operations: PUT, GET, POST, and DELETE. ● Formats - XML, plain text, PDF and JSON.
REST - Example ResponseRequest http://localhost:9000/users/1
Let’s talk about...
Why REST-assured ? ● Java Domain Specific Language (DSL) for testing web services ● Built on top of HTTPBuilder ● Supports response parsing ● Supports in-built assertions ● Supports BDD syntax
Setup (Requirement) ● Install JDK ● IDE (Eclipse/Intellij) ● Build Tool (gradle) *optional ● Rest-assured jars ● Hamcrest-matchers jars ● Junit jars
Understanding a Request
Simple GET Request given(). contentType(“application/json”). when(). get("/users"). then(). assertThat(). statusCode(HttpStatus.SC_OK);
GET Request given(). contentType(“application/json”). when(). get("/users/1"). then(). assertThat(). body("userId", equalTo(1)). body("userName", equalTo("Robert")). body("employer", equalTo("facebook")). body("location.state", equalTo("California")). body("location.city", equalTo("San Jose"));
POST Request given(). contentType("application/json"). body("[{"userName":"Jayant2","employer":"Google","location":{" state":"California","city":"Mountain View"}}]"). when(). post("/users"). then(). assertThat(). body("userName", hasItems("Jayant2"));
PUT Request int userId = 1; given(). contentType("application/json"). when(). body("{"userName":"Taylor"}"). put("/users/" + userId). then(). statusCode(HttpStatus.SC_OK). body("userName", equalTo("Taylor"));
DELETE Request int userId = 9; given(). when(). delete("/users/" + userId). then(). statusCode(HttpStatus.SC_OK);
Response parsing Response response = given(). contentType(ContentType.JSON). when(). get("/users/5"). then(). extract().response(); String userName = response.path("userName"); String userCity = response.path("location.city"); Assert.assertTrue(userName.equals("Steve")); Assert.assertTrue(userCity.equals("San Francisco"));
Json parsing String jsonResponse = get("/users/5"). asString(); JsonPath jsonPath = new JsonPath(json).setRoot("location"); String state = jsonPath.getString("state"); String city = jsonPath.getString("city"); Assert.assertTrue(state.equals("California")); Assert.assertTrue(city.equals("San Francisco"));
Authentication String sessionToken = given(). body("{"userName" : "ruchikar","password" : "P@ssW0rd"}"). when(). with(). header("Content-Type", "application/json"). header("X-Forwarded-Proto", "https"). post("/sessionTokens"). then(). statusCode(200). contentType(ContentType.JSON). extract(). response().path("response.sessionToken");
given(). when(). with(). header("X-Forwarded-Proto", "https"). header("Content-Type", "application/json"). header("X-Auth", sessionToken). get(“/users”). then(). statusCode(HttpStatus.SC_OK). contentType(ContentType.JSON); contd...
Other available tools/api
References Rest-Assured: https://github.com/jayway/rest-assured Github : https://github.com/jayway/rest-assured/wiki/Usage Workshop Test framework: https://github.com/ruchikar/RestAssuredTest Workshop WebService: https://github.com/syedatifakhtar/VodQABomb
Questions

More Related Content

What's hot (19)

PPTX
Access Control Pitfalls v2
Jim Manico
 
PPTX
Browser Security 101
Stormpath
 
PPTX
REST API Security: OAuth 2.0, JWTs, and More!
Stormpath
 
PDF
Security DevOps - Free pentesters' time to focus on high-hanging fruits // Ha...
Christian Schneider
 
PPTX
Burp intruder
penetration Tester
 
PPTX
ApacheCon 2014: Infinite Session Clustering with Apache Shiro & Cassandra
DataStax Academy
 
PPTX
Software Development in the Age of Breaches
Karthik Bhat
 
PPTX
Syntribos API Security Test Automation
Matthew Valdes
 
PPTX
WordPress Security - A Hacker's Guide - WordCamp 2019 Islamabad
RF Studio
 
PPTX
JWTs for CSRF and Microservices
Stormpath
 
PDF
Zed Attack Proxy (ZAP)
JAINAM KAPADIYA
 
PDF
Workshop : Application Security
Priyanka Aash
 
PDF
AJAX Security - LAC2016
Julia Logan a.k.a. IrishWonder
 
PDF
SignalR
Sarvesh Kushwaha
 
PDF
Security Testing using ZAP in SFDC
Thinqloud
 
PDF
Secure JAX-RS
Rudy De Busscher
 
PPTX
Getting Started with API Security Testing
SmartBear
 
PPTX
Secure API Services in Node with Basic Auth and OAuth2
Stormpath
 
PPTX
Learn to pen-test with OWASP ZAP
Paul Ionescu
 
Access Control Pitfalls v2
Jim Manico
 
Browser Security 101
Stormpath
 
REST API Security: OAuth 2.0, JWTs, and More!
Stormpath
 
Security DevOps - Free pentesters' time to focus on high-hanging fruits // Ha...
Christian Schneider
 
Burp intruder
penetration Tester
 
ApacheCon 2014: Infinite Session Clustering with Apache Shiro & Cassandra
DataStax Academy
 
Software Development in the Age of Breaches
Karthik Bhat
 
Syntribos API Security Test Automation
Matthew Valdes
 
WordPress Security - A Hacker's Guide - WordCamp 2019 Islamabad
RF Studio
 
JWTs for CSRF and Microservices
Stormpath
 
Zed Attack Proxy (ZAP)
JAINAM KAPADIYA
 
Workshop : Application Security
Priyanka Aash
 
AJAX Security - LAC2016
Julia Logan a.k.a. IrishWonder
 
SignalR
Sarvesh Kushwaha
 
Security Testing using ZAP in SFDC
Thinqloud
 
Secure JAX-RS
Rudy De Busscher
 
Getting Started with API Security Testing
SmartBear
 
Secure API Services in Node with Basic Auth and OAuth2
Stormpath
 
Learn to pen-test with OWASP ZAP
Paul Ionescu
 

Similar to Web_service_testing_finall (20)

PDF
Mashups For Soa
WSO2
 
ODP
Integrating Apache Syncope with Apache CXF
coheigea
 
PPTX
Databasecentricapisonthecloudusingplsqlandnodejscon3153oow2016 160922021655
Getting value from IoT, Integration and Data Analytics
 
PDF
Creating Restful Web Services with restish
Grig Gheorghiu
 
PPTX
Rest API and Client OM for Developer
InnoTech
 
PPTX
Drf
Ibrahim Kasim
 
PPTX
Introduction to Django Rest Framework
bangaloredjangousergroup
 
PDF
IRJET- Rest API for E-Commerce Site
IRJET Journal
 
PDF
SOAP vs REST
Mário Almeida
 
PDF
RESTful applications: The why and how by Maikel Mardjan
Jexia
 
PPTX
ServiceNow Course in India - ServiceNow Training.pptx
venkatakrishnavisual
 
ODP
a
Sandeep Kumar
 
PDF
GraphQL is actually rest
Jakub Riedl
 
PPTX
RESTful Architecture
Kabir Baidya
 
PDF
Secc tutorials development and deployment of rest web services in java_v2.0
Aravindharamanan S
 
PPTX
RESTful Data Services with the ADO.NET Data Services Framework
goodfriday
 
PDF
Wp JSON API and You!
Jamal_972
 
PDF
Day1 : web service basics
Testing World
 
PPTX
Social Photos - My presentation at Microsoft Tech Day
TechMaster Vietnam
 
PPT
REST Introduction.ppt
KGSCSEPSGCT
 
Mashups For Soa
WSO2
 
Integrating Apache Syncope with Apache CXF
coheigea
 
Databasecentricapisonthecloudusingplsqlandnodejscon3153oow2016 160922021655
Getting value from IoT, Integration and Data Analytics
 
Creating Restful Web Services with restish
Grig Gheorghiu
 
Rest API and Client OM for Developer
InnoTech
 
Drf
Ibrahim Kasim
 
Introduction to Django Rest Framework
bangaloredjangousergroup
 
IRJET- Rest API for E-Commerce Site
IRJET Journal
 
SOAP vs REST
Mário Almeida
 
RESTful applications: The why and how by Maikel Mardjan
Jexia
 
ServiceNow Course in India - ServiceNow Training.pptx
venkatakrishnavisual
 
a
Sandeep Kumar
 
GraphQL is actually rest
Jakub Riedl
 
RESTful Architecture
Kabir Baidya
 
Secc tutorials development and deployment of rest web services in java_v2.0
Aravindharamanan S
 
RESTful Data Services with the ADO.NET Data Services Framework
goodfriday
 
Wp JSON API and You!
Jamal_972
 
Day1 : web service basics
Testing World
 
Social Photos - My presentation at Microsoft Tech Day
TechMaster Vietnam
 
REST Introduction.ppt
KGSCSEPSGCT
 
Ad

Web_service_testing_finall