KEMBAR78
Testing RESTful web services with REST Assured | PPTX
Bas Dijkstra, profile picture
Uploaded byBas Dijkstra
PPTX, PDF2,381 views

Testing RESTful web services with REST Assured

The document is a workshop guide on testing RESTful web services using the Rest Assured library, covering installation, configuration, and example testing scenarios. It details the advantages of REST over SOAP, tools for testing, authentication methods, and data validation techniques. Additionally, it provides examples and exercises related to using APIs, parameters in requests, performance measurement, and integration into CI/CD processes.

Downloaded 111 times
Test the REST Testing RESTful web services using REST Assured An open source workshop by … Originally created by Bas Dijkstra – bas@ontestautomation.com – http://www.testautomation.com - @_basdijkstra
What are we going to do? _RESTful web services _REST Assured _Get your hands dirty
Preparation _Install Eclipse (or any other IDE) _Install TestNG plugin (for Eclipse) _Install m2e (or similar for any other IDE) _Import Maven project into IDE _Update project (Eclipse) or similar
What are RESTful web services? _HTTP request methods (GET, POST, PUT, …) _URI’s _CRUD operations on data POST Create GET Read PUT Update DELETE Delete
An example _GET http://api.zippopotam.us/us/90210 _Result:
Usage of RESTful web services _Mobile applications _Internet of Things _API Economy
Why REST (and not SOAP, for example)? _Support for a multitude of data formats _JSON _XML _… _Smaller overhead and therefore better performance
Why SOAP(and not REST, for example)? _WS-Security _WS-ReliableMessaging _WS-AtomicTransaction _Mostly used to secure banking applications
Tools for testing RESTful web services _Browser (using plugins like Postman for Chrome) _Open source (SoapUI, REST Assured) _COTS (Parasoft SOAtest, SoapUI Pro)
REST Assured _Java library for writing tests for RESTful web services _Removes a lot of boilerplate code _Integrates seamlessly with existing Java-based testing frameworks _JUnit, TestNG _Selenium WebDriver
Configuring REST Assured _Download from http://rest-assured.io _Add as a dependency to your project _Maven
REST Assured documentation _Usage guide _https://github.com/rest-assured/rest-assured/wiki/Usage _Links to other documentation (JavaDoc, getting started, release notes) _http://rest-assured.io/
A sample test
REST Assured features _Support for HTTP methods (GET, POST, PUT, …) _Support for BDD / Gherkin (Given/When/Then) _Use of Hamcrest matchers for checks (equalTo) _Use of GPath for selecting elements from JSON response
About Hamcrest matchers _Express expectations in natural language _Examples: _ http://hamcrest.org/JavaHamcrest/javadoc/1.3/org/hamcrest/Matchers.html equalTo(X) Does the object equal X? hasItem(“Rome”) Does the collection contain an item “Rome”? hasSize(3) Does the size of the collection equal 3? not(equalTo(X)) Inverts matcher equalTo()
About GPath _GPath is a path expression language integrated into Groovy _REST Assured is built in Groovy _Similar aims and scope as XPath for XML _Documentation and examples: _http://groovy-lang.org/processing-xml.html#_gpath _http://groovy.jmiguel.eu/groovy.codehaus.org/GPath.html
GPath example http://goessner.net/articles/JsonPath/
Validating technical response data _HTTP status code _MIME-type of received responses _Cookies and their value _…
Our application under test _Ergast F1 API _Presents historical data of Formula 1 races, drivers, circuits, etc. _Data can be returned in JSON and XML format _API documentation at http://ergast.com/mrd/
Some examples _Data for driver Max Verstappen (in JSON): http://ergast.com/api/f1/drivers/max_verstappen.json _A list of circuits for the 2015 season (in JSON): http://ergast.com/api/f1/2015/circuits.json
Demo _API documentation _How to use the test suite _Executing your tests _Reviewing test results
Get your hands dirty! _RestAssuredExercises1 _Simple checks _Validating individual elements _Validating collections and items therein _Validating technical response properties _RestAssuredExamples contains all examples from the presentation
Parameters in RESTful web services _Path parameters _http://ergast.com/api/f1/drivers/max_verstappen.json _http://ergast.com/api/f1/drivers/hamilton.json _Query string parameters _http://md5.jsontest.com/?text=testcaseOne _http://md5.jsontest.com/?text=testcaseTwo _There is no official standard!
Using parameters in REST Assured _Examples for query parameters: _ Call to http://md5.jsontest.com/?text=testcaseOne _ Call to http://api.openweathermap.org/data/2.5/weather/?q=Kopenhagen&mode=xml
Using parameters in REST Assured _Examples for path parameters: _ Call to http://ergast.com/api/f1/drivers/max_verstappen.json _ Call to http://ergast.com/api/f1/drivers/alonso/constructors/renault/seasons.json
Using parameters in REST Assured _Iterating over a collection of parameter values: _ Creating pairs of driver ID’s and numbers: _ Using test data in API calls and validation of response data:
Get your hands dirty! _RestAssuredExercises2 _Data driven tests _Creating a test data object _Using test data in calling the right URI _Using test data in assertions _RestAssuredExamples contains all examples from the presentation
Authentication _Securing web services _Basic authentication (preemptive / challenged) _OAuth(2) _Digest / Form
Basic authentication _Username/password sent in header for every request
OAuth(2) _Request of authentication token based on username and password (Basic authentication) _Include authentication token in header of all subsequent requests
Measuring response times _Measuring response times for individual requests _Setting response time thresholds _Test fails when threshold is exceeded _No full-fledged performance test _First rough indication of API performance
Measuring response times _An example:
Get your hands dirty! _RestAssuredExercises3 _Communicating with an OAuth2-secured API _ Requesting authentication token _ Using authentication token in subsequent requests _Measuring API response times _ Execute a specific API call _ Evaluate response time against predefined threshold _RestAssuredExamples contains all examples from the presentation
Sharing variables between tests _Example: authentication tests _Copy / paste required for OAuth2 token _Preferably: store and retrieve for reuse!
Sharing variables between tests _REST Assured supports this with extract()
Get your hands dirty! _RestAssuredExercises4 _Try it for yourself _Can you apply this to the Formula 1 API? _RestAssuredExamplesParameterPassing contains all examples from the presentation
Executing tests in CI _REST Assured-tests are no different from other Java (unit) tests _Can be easily added to your CI/CD pipeline _Part of the build process _Demonstration (using Jenkins)
Questions
Contact _Email: bas@ontestautomation.com _Weblog: http://www.ontestautomation.com _Twitter: @_basdijkstra

More Related Content

PPTX
Rest assured
byVarun Deshpande
 
PDF
Postman Webinar: Postman 101
byNikita Sharma
 
PDF
Rest API Automation with REST Assured
byTO THE NEW Pvt. Ltd.
 
PPTX
Test your microservices with REST-Assured
byMichel Schudel
 
PPTX
Test Design and Automation for REST API
byIvan Katunou
 
PDF
2015-StarWest presentation on REST-assured
byEing Ong
 
ODP
Testing RESTful Webservices using the REST-assured framework
byMicha Kops
 
PPTX
API Testing Using REST Assured with TestNG
bySiddharth Sharma
 
Rest assured
byVarun Deshpande
 
Postman Webinar: Postman 101
byNikita Sharma
 
Rest API Automation with REST Assured
byTO THE NEW Pvt. Ltd.
 
Test your microservices with REST-Assured
byMichel Schudel
 
Test Design and Automation for REST API
byIvan Katunou
 
2015-StarWest presentation on REST-assured
byEing Ong
 
Testing RESTful Webservices using the REST-assured framework
byMicha Kops
 
API Testing Using REST Assured with TestNG
bySiddharth Sharma
 

What's hot

PDF
API Testing
byBikash Sharma
 
PPTX
Rest assured
byYaniv Rodenski
 
PPTX
POSTMAN.pptx
byRamaKrishna970827
 
PDF
POST/CON 2019 Workshop: Testing, Automated Testing, and Reporting APIs with P...
byPostman
 
PPTX
Api Testing
byVishwanath KC
 
PDF
REST API and CRUD
byPrem Sanil
 
PPT
Postman.ppt
byParrotBAD
 
PPTX
Api Testing
byVishwanath KC
 
PPTX
Rest & RESTful WebServices
byPrateek Tandon
 
PPTX
Api testing
byHamzaMajid13
 
PPTX
API Testing for everyone.pptx
byPricilla Bilavendran
 
ODP
Accelerate Quality with Postman - Basics
byKnoldus Inc.
 
PPTX
B4USolution_API-Testing
byb4usolution .
 
PPTX
Rest API Testing
byupadhyay_25
 
PDF
An Introduction To Automated API Testing
bySauce Labs
 
PDF
API Testing. Streamline your testing process.
byAndrey Oleynik
 
PDF
Postman
byIgor Shubovych
 
PPTX
API Test Automation Using Karate (Anil Kumar Moka)
byPeter Thomas
 
PPTX
Spring boot
bysdeeg
 
PPSX
API Test Automation
bySQALab
 
API Testing
byBikash Sharma
 
Rest assured
byYaniv Rodenski
 
POSTMAN.pptx
byRamaKrishna970827
 
POST/CON 2019 Workshop: Testing, Automated Testing, and Reporting APIs with P...
byPostman
 
Api Testing
byVishwanath KC
 
REST API and CRUD
byPrem Sanil
 
Postman.ppt
byParrotBAD
 
Api Testing
byVishwanath KC
 
Rest & RESTful WebServices
byPrateek Tandon
 
Api testing
byHamzaMajid13
 
API Testing for everyone.pptx
byPricilla Bilavendran
 
Accelerate Quality with Postman - Basics
byKnoldus Inc.
 
B4USolution_API-Testing
byb4usolution .
 
Rest API Testing
byupadhyay_25
 
An Introduction To Automated API Testing
bySauce Labs
 
API Testing. Streamline your testing process.
byAndrey Oleynik
 
Postman
byIgor Shubovych
 
API Test Automation Using Karate (Anil Kumar Moka)
byPeter Thomas
 
Spring boot
bysdeeg
 
API Test Automation
bySQALab
 

Viewers also liked

PPTX
Web (HTTP) request to response life cycle
byGopakumar Kunduveetil
 
KEY
Geek Moot '09 -- Smarty 101
byTed Kulp
 
PPT
Smarty sharing-2
byOndo Simanjuntak
 
PDF
Nmap scripting engine
byn|u - The Open Security Community
 
PPTX
Telecommunication system
byJamilah Abbas
 
PPT
Hacking A Web Site And Secure Web Server Techniques Used
bySiddharth Bhattacharya
 
KEY
Cmsms, open source & business model
byJean-Christophe Cuvelier
 
PPT
Apache Web Server Architecture Chaitanya Kulkarni
bywebhostingguy
 
PDF
Penetration testing
byAmmar WK
 
PPT
Web Server Technologies I: HTTP & Getting Started
byPort80 Software
 
PPT
Web Cookies
byapwebco
 
PDF
세션 하이재킹
byYu Yongwoo
 
PPTX
Cookie and session
byAashish Ghale
 
PPSX
Sessions and cookies
bywww.netgains.org
 
PDF
Web Server Hardening
byn|u - The Open Security Community
 
PPT
Mvc architecture
bySurbhi Panhalkar
 
PPT
Cookies and sessions
byLena Petsenchuk
 
PDF
Hacking With Nmap - Scanning Techniques
byamiable_indian
 
PPTX
REST & RESTful Web Services
byHalil Burak Cetinkaya
 
PDF
Basics of telecommunication and networking
byMilan Padariya
 
Web (HTTP) request to response life cycle
byGopakumar Kunduveetil
 
Geek Moot '09 -- Smarty 101
byTed Kulp
 
Smarty sharing-2
byOndo Simanjuntak
 
Nmap scripting engine
byn|u - The Open Security Community
 
Telecommunication system
byJamilah Abbas
 
Hacking A Web Site And Secure Web Server Techniques Used
bySiddharth Bhattacharya
 
Cmsms, open source & business model
byJean-Christophe Cuvelier
 
Apache Web Server Architecture Chaitanya Kulkarni
bywebhostingguy
 
Penetration testing
byAmmar WK
 
Web Server Technologies I: HTTP & Getting Started
byPort80 Software
 
Web Cookies
byapwebco
 
세션 하이재킹
byYu Yongwoo
 
Cookie and session
byAashish Ghale
 
Sessions and cookies
bywww.netgains.org
 
Web Server Hardening
byn|u - The Open Security Community
 
Mvc architecture
bySurbhi Panhalkar
 
Cookies and sessions
byLena Petsenchuk
 
Hacking With Nmap - Scanning Techniques
byamiable_indian
 
REST & RESTful Web Services
byHalil Burak Cetinkaya
 
Basics of telecommunication and networking
byMilan Padariya
 

Similar to Testing RESTful web services with REST Assured

PDF
Владимир Логвинов - Rest-Assured - легкий способ автоматизации тестирования REST
byWeb Tech Fun
 
PPTX
Rest-Assured - легкий способ автоматизации тестирования REST
byValtech Ukraine
 
PDF
Rest Assured Basics: A Beginner's Guide to API Testing in Java
bydigitaljignect
 
PPTX
Ivan Katunov. Comaqa Spring 2018. Test Design and Automation for Rest API.
byCOMAQA.BY
 
PPTX
ATAGTR2017 Test the REST
byAgile Testing Alliance
 
PDF
Pentesting RESTful WebServices v1.0
byn|u - The Open Security Community
 
PDF
Pentesting RESTful webservices
byMohammed A. Imran
 
PDF
Productivity Acceleration Tools for SOA Testers
byWSO2
 
PPTX
RestAssured.pptx
byArshad QA
 
PDF
Java Test Automation for REST, Web and Mobile
byElias Nogueira
 
PDF
Api FUNdamentals #MHA2017
byJoEllen Carter
 
PPTX
Pentesting ReST API
byNutan Kumar Panda
 
PDF
Web Services Testing
byDataArt
 
PPTX
An introduction to the API for OnTime for IBM
byontimesuite
 
PDF
Api fundamentals
byAgileDenver
 
PPTX
#ATAGTR2018 Presentation " Security Testing for RESTful APIs" By Anuradha Raman
byAgile Testing Alliance
 
PDF
Testing RESTful Web Services
byTechWell
 
PDF
Automate REST Services Testing with RestAssured
byTechWell
 
PDF
Next-Level API Automation Testing Techniques – Part 2
bydigitaljignect
 
PPTX
Time to REST: testing web services
byIurii Kutelmakh
 
Владимир Логвинов - Rest-Assured - легкий способ автоматизации тестирования REST
byWeb Tech Fun
 
Rest-Assured - легкий способ автоматизации тестирования REST
byValtech Ukraine
 
Rest Assured Basics: A Beginner's Guide to API Testing in Java
bydigitaljignect
 
Ivan Katunov. Comaqa Spring 2018. Test Design and Automation for Rest API.
byCOMAQA.BY
 
ATAGTR2017 Test the REST
byAgile Testing Alliance
 
Pentesting RESTful WebServices v1.0
byn|u - The Open Security Community
 
Pentesting RESTful webservices
byMohammed A. Imran
 
Productivity Acceleration Tools for SOA Testers
byWSO2
 
RestAssured.pptx
byArshad QA
 
Java Test Automation for REST, Web and Mobile
byElias Nogueira
 
Api FUNdamentals #MHA2017
byJoEllen Carter
 
Pentesting ReST API
byNutan Kumar Panda
 
Web Services Testing
byDataArt
 
An introduction to the API for OnTime for IBM
byontimesuite
 
Api fundamentals
byAgileDenver
 
#ATAGTR2018 Presentation " Security Testing for RESTful APIs" By Anuradha Raman
byAgile Testing Alliance
 
Testing RESTful Web Services
byTechWell
 
Automate REST Services Testing with RestAssured
byTechWell
 
Next-Level API Automation Testing Techniques – Part 2
bydigitaljignect
 
Time to REST: testing web services
byIurii Kutelmakh
 

More from Bas Dijkstra

PPTX
Test automation - put on the brakes so you can go fast
byBas Dijkstra
 
PPTX
20190919 backbase why_do_we_automate
byBas Dijkstra
 
PPTX
20190627 malmberg meetup_bdd_workshop
byBas Dijkstra
 
PPTX
Why do we automate?
byBas Dijkstra
 
PPTX
Test automation and Agile software development
byBas Dijkstra
 
PPTX
Who will guard the guards themselves? How to trust your automation and avoid ...
byBas Dijkstra
 
PPTX
Supporting Continuous Testing with FITR test automation
byBas Dijkstra
 
PPTX
Deploy and Destroy Complete Test Environments
byBas Dijkstra
 
PPTX
Slow tests in a fast delivery pipeline
byBas Dijkstra
 
PPTX
Continuous Delivery Conference 2014 - Bas Dijkstra
byBas Dijkstra
 
Test automation - put on the brakes so you can go fast
byBas Dijkstra
 
20190919 backbase why_do_we_automate
byBas Dijkstra
 
20190627 malmberg meetup_bdd_workshop
byBas Dijkstra
 
Why do we automate?
byBas Dijkstra
 
Test automation and Agile software development
byBas Dijkstra
 
Who will guard the guards themselves? How to trust your automation and avoid ...
byBas Dijkstra
 
Supporting Continuous Testing with FITR test automation
byBas Dijkstra
 
Deploy and Destroy Complete Test Environments
byBas Dijkstra
 
Slow tests in a fast delivery pipeline
byBas Dijkstra
 
Continuous Delivery Conference 2014 - Bas Dijkstra
byBas Dijkstra
 

Recently uploaded

PDF
Zoho Vani AI-Powered Collaboration Platform to Rival Google Workspace & Micro...
byEvoluz Global Solutions
 
PDF
VADY Smart Data Flow – Automated Data Insights for Scalable Enterprise Decisions
byNewFangledVision
 
PDF
Driving Stress Detection Using Multimodal CNN with Nonlinear Representation o...
byPranjal Kumar
 
PPTX
Java Modern Puzzlers, a guide to new programming features
bySimon Ritter
 
PPTX
Cyber-Security-Essentials (21AK1A0217).pptx
byGaganGagan44
 
PDF
Best Tableau Alternatives for Data Analytics and Reporting.pdf
byVarsha Nayak
 
PPTX
Moving Plone Blob Storage to S3 Object Storage - Plone Conference 2025
byAlin Voinea
 
PDF
Making sense of AWS Serverless operations- AWS Community Day CEE 2025
byVadym Kazulkin
 
PDF
Safe Confined Space Entry Monitoring_ Singapore Experts.pdf
byprasadexiga0
 
PDF
Shift Left for Inclusion: Scalable Accessibility Testing with Cypress - Cypre...
byLudovico Besana
 
PDF
Where Does Your Data Go When You Put In Into A Database_.pdf
byDave Stokes
 
PPTX
AI-Powered Intelligent Agents for Fraud Detection
byleolucus1995
 
PPT
preliminaries, concepts of programming languages
bymjmansoori54
 
PDF
898975372-Leaving-Legacy-Software-Behind-a-Modern-Migration-Roadmap.pdf
byKsoft Technologies
 
PPTX
Oracle_AWS_Azure_GCP_Comparison_ModernTech.pptx
byVITS184D1
 
PDF
The 50+ First-Timer: It’s never too late for Open Source!
byImma Valls Bernaus
 
PDF
Ensuring Regulatory Excellence with Insurance Compliance Software
byInsurance Tech Services
 
PDF
Metrics, logs, traces, and mayhem_ introducing an observability adventure gam...
byImma Valls Bernaus
 
PPT
Evolution of the Major Programming Languages
bymjmansoori54
 
PDF
SAP & CTRM Testing Like Never Before
byZoe Gilbert
 
Zoho Vani AI-Powered Collaboration Platform to Rival Google Workspace & Micro...
byEvoluz Global Solutions
 
VADY Smart Data Flow – Automated Data Insights for Scalable Enterprise Decisions
byNewFangledVision
 
Driving Stress Detection Using Multimodal CNN with Nonlinear Representation o...
byPranjal Kumar
 
Java Modern Puzzlers, a guide to new programming features
bySimon Ritter
 
Cyber-Security-Essentials (21AK1A0217).pptx
byGaganGagan44
 
Best Tableau Alternatives for Data Analytics and Reporting.pdf
byVarsha Nayak
 
Moving Plone Blob Storage to S3 Object Storage - Plone Conference 2025
byAlin Voinea
 
Making sense of AWS Serverless operations- AWS Community Day CEE 2025
byVadym Kazulkin
 
Safe Confined Space Entry Monitoring_ Singapore Experts.pdf
byprasadexiga0
 
Shift Left for Inclusion: Scalable Accessibility Testing with Cypress - Cypre...
byLudovico Besana
 
Where Does Your Data Go When You Put In Into A Database_.pdf
byDave Stokes
 
AI-Powered Intelligent Agents for Fraud Detection
byleolucus1995
 
preliminaries, concepts of programming languages
bymjmansoori54
 
898975372-Leaving-Legacy-Software-Behind-a-Modern-Migration-Roadmap.pdf
byKsoft Technologies
 
Oracle_AWS_Azure_GCP_Comparison_ModernTech.pptx
byVITS184D1
 
The 50+ First-Timer: It’s never too late for Open Source!
byImma Valls Bernaus
 
Ensuring Regulatory Excellence with Insurance Compliance Software
byInsurance Tech Services
 
Metrics, logs, traces, and mayhem_ introducing an observability adventure gam...
byImma Valls Bernaus
 
Evolution of the Major Programming Languages
bymjmansoori54
 
SAP & CTRM Testing Like Never Before
byZoe Gilbert
 
In this document
Powered by AI

Introduction to testing RESTful web services using REST Assured; hands-on workshop.

Setting up the environment for REST Assured: Install IDE, TestNG, and Maven.

Explains RESTful web services: HTTP methods, URIs, CRUD operations, usage in apps and IoT.

Comparative analysis of REST and SOAP, highlighting advantages and unique features of each.

List of tools for testing RESTful web services, including open-source and commercial options.

Details about REST Assured library for Java, including documentation and configuration.

Presentation of REST Assured features like HTTP method support, BDD integration, and JSON handling.

Introduction to Hamcrest matchers for expressing expectations in tests, with examples.

Explanation of GPath, its relation to REST Assured, and how it operates similarly to XPath.

Validating technical response data like HTTP status and using the Ergast F1 API as an example.

Illustration of example API calls to fetch data related to Formula 1 using JSON format.

Practical exercises for validating REST responses, focusing on individual elements and collections.

Explains path and query parameters in RESTful web services, providing usage examples.

Further hands-on exercises focused on data-driven tests and using test data effectively.

Discussion of authentication methods in web services including Basic Auth and OAuth2.

Measuring API response times, providing examples, and setting performance thresholds.

Hands-on exercise for testing OAuth2-secured APIs and measuring response times.

Explains sharing variables between tests in REST Assured for reusability of authentication tokens.

Demonstrating how REST Assured tests can be integrated into CI/CD pipelines using Jenkins.

Open floor for questions regarding the presentation.

Providing contact details for further inquiries and discussions regarding REST Assured.

Testing RESTful web services with REST Assured

  • 1.
    Test the REST TestingRESTful web services using REST Assured An open source workshop by … Originally created by Bas Dijkstra – bas@ontestautomation.com – http://www.testautomation.com - @_basdijkstra
  • 2.
    What are wegoing to do? _RESTful web services _REST Assured _Get your hands dirty
  • 3.
    Preparation _Install Eclipse (orany other IDE) _Install TestNG plugin (for Eclipse) _Install m2e (or similar for any other IDE) _Import Maven project into IDE _Update project (Eclipse) or similar
  • 4.
    What are RESTfulweb services? _HTTP request methods (GET, POST, PUT, …) _URI’s _CRUD operations on data POST Create GET Read PUT Update DELETE Delete
  • 5.
  • 6.
    Usage of RESTfulweb services _Mobile applications _Internet of Things _API Economy
  • 7.
    Why REST (andnot SOAP, for example)? _Support for a multitude of data formats _JSON _XML _… _Smaller overhead and therefore better performance
  • 8.
    Why SOAP(and notREST, for example)? _WS-Security _WS-ReliableMessaging _WS-AtomicTransaction _Mostly used to secure banking applications
  • 9.
    Tools for testingRESTful web services _Browser (using plugins like Postman for Chrome) _Open source (SoapUI, REST Assured) _COTS (Parasoft SOAtest, SoapUI Pro)
  • 10.
    REST Assured _Java libraryfor writing tests for RESTful web services _Removes a lot of boilerplate code _Integrates seamlessly with existing Java-based testing frameworks _JUnit, TestNG _Selenium WebDriver
  • 11.
    Configuring REST Assured _Downloadfrom http://rest-assured.io _Add as a dependency to your project _Maven
  • 12.
    REST Assured documentation _Usageguide _https://github.com/rest-assured/rest-assured/wiki/Usage _Links to other documentation (JavaDoc, getting started, release notes) _http://rest-assured.io/
  • 13.
  • 14.
    REST Assured features _Supportfor HTTP methods (GET, POST, PUT, …) _Support for BDD / Gherkin (Given/When/Then) _Use of Hamcrest matchers for checks (equalTo) _Use of GPath for selecting elements from JSON response
  • 15.
    About Hamcrest matchers _Expressexpectations in natural language _Examples: _ http://hamcrest.org/JavaHamcrest/javadoc/1.3/org/hamcrest/Matchers.html equalTo(X) Does the object equal X? hasItem(“Rome”) Does the collection contain an item “Rome”? hasSize(3) Does the size of the collection equal 3? not(equalTo(X)) Inverts matcher equalTo()
  • 16.
    About GPath _GPath isa path expression language integrated into Groovy _REST Assured is built in Groovy _Similar aims and scope as XPath for XML _Documentation and examples: _http://groovy-lang.org/processing-xml.html#_gpath _http://groovy.jmiguel.eu/groovy.codehaus.org/GPath.html
  • 17.
  • 18.
    Validating technical response data _HTTPstatus code _MIME-type of received responses _Cookies and their value _…
  • 19.
    Our application undertest _Ergast F1 API _Presents historical data of Formula 1 races, drivers, circuits, etc. _Data can be returned in JSON and XML format _API documentation at http://ergast.com/mrd/
  • 20.
    Some examples _Data fordriver Max Verstappen (in JSON): http://ergast.com/api/f1/drivers/max_verstappen.json _A list of circuits for the 2015 season (in JSON): http://ergast.com/api/f1/2015/circuits.json
  • 21.
    Demo _API documentation _How touse the test suite _Executing your tests _Reviewing test results
  • 22.
    Get your handsdirty! _RestAssuredExercises1 _Simple checks _Validating individual elements _Validating collections and items therein _Validating technical response properties _RestAssuredExamples contains all examples from the presentation
  • 23.
    Parameters in RESTfulweb services _Path parameters _http://ergast.com/api/f1/drivers/max_verstappen.json _http://ergast.com/api/f1/drivers/hamilton.json _Query string parameters _http://md5.jsontest.com/?text=testcaseOne _http://md5.jsontest.com/?text=testcaseTwo _There is no official standard!
  • 24.
    Using parameters inREST Assured _Examples for query parameters: _ Call to http://md5.jsontest.com/?text=testcaseOne _ Call to http://api.openweathermap.org/data/2.5/weather/?q=Kopenhagen&mode=xml
  • 25.
    Using parameters inREST Assured _Examples for path parameters: _ Call to http://ergast.com/api/f1/drivers/max_verstappen.json _ Call to http://ergast.com/api/f1/drivers/alonso/constructors/renault/seasons.json
  • 26.
    Using parameters inREST Assured _Iterating over a collection of parameter values: _ Creating pairs of driver ID’s and numbers: _ Using test data in API calls and validation of response data:
  • 27.
    Get your handsdirty! _RestAssuredExercises2 _Data driven tests _Creating a test data object _Using test data in calling the right URI _Using test data in assertions _RestAssuredExamples contains all examples from the presentation
  • 28.
    Authentication _Securing web services _Basicauthentication (preemptive / challenged) _OAuth(2) _Digest / Form
  • 29.
  • 30.
    OAuth(2) _Request of authenticationtoken based on username and password (Basic authentication) _Include authentication token in header of all subsequent requests
  • 31.
    Measuring response times _Measuringresponse times for individual requests _Setting response time thresholds _Test fails when threshold is exceeded _No full-fledged performance test _First rough indication of API performance
  • 32.
  • 33.
    Get your handsdirty! _RestAssuredExercises3 _Communicating with an OAuth2-secured API _ Requesting authentication token _ Using authentication token in subsequent requests _Measuring API response times _ Execute a specific API call _ Evaluate response time against predefined threshold _RestAssuredExamples contains all examples from the presentation
  • 34.
    Sharing variables betweentests _Example: authentication tests _Copy / paste required for OAuth2 token _Preferably: store and retrieve for reuse!
  • 35.
    Sharing variables betweentests _REST Assured supports this with extract()
  • 36.
    Get your handsdirty! _RestAssuredExercises4 _Try it for yourself _Can you apply this to the Formula 1 API? _RestAssuredExamplesParameterPassing contains all examples from the presentation
  • 37.
    Executing tests inCI _REST Assured-tests are no different from other Java (unit) tests _Can be easily added to your CI/CD pipeline _Part of the build process _Demonstration (using Jenkins)
  • 38.
  • 39.

Editor's Notes

  • #2 Please replace the … with your own name. I would really like it if you left the bottom line intact though, as a way of thanking me. That’s really all I’m asking for, the rest of the workshop is yours to butcher (erm, improve).
  • #3 First: an introduction to RESTful web services, how they work and where they are used Then: an introduction to REST Assured, a Java library that can be used to write tests for RESTful web services But most importantly: you are going to have to do some work yourself! There’s not better way to learn than by doing.
  • #4 Depending on the way you deliver this workshop, this sheet can be altered or even removed. When I delivered it, I had participants bring in their own laptop and asked them to follow installation instructions. I only provided them for Eclipse and mentioned that whenever they wanted to use a different IDE, they were allowed to do so. I wanted to keep things simple and therefore did not provide installation instructions for other IDEs.
  • #5 Explain the concept of RESTful web services and compare it to your browser retrieving web pages, images, etc. from a web server (or sending data back to it).
  • #6 A simple example. You could also perform this one live to show the participants how easy it is to invoke a RESTful web service using your browser (it really is no different from accessing a regular web page since it’s all done over HTTP)
  • #7 Explain where RESTful web services are used. API Economy relates to software development exposing (parts of) their applications to the outside world through APIs, so that other developers can easily integrate their applications with it. For example: Google’s Gmail API, Maps API or the PayPal or LinkedIn APIs.
  • #8 Explain the reasons why REST is chosen over SOAP
  • #9 There are some cases where using SOAP instead of REST can be useful
  • #10 Three levels of tools, ranging from the very simple to the powerful and from the free to the commercial
  • #11 Explain what REST Assured is and why it was written Explain how REST Assured can easily be made part of a bigger testing framework covering everything from unit to end-to-end and user interface testing
  • #12 Briefly discuss the options available for installing and configuring REST Assured (this should be trivial for anybody with a bit of Java development experience)
  • #13 Notes on where to find additional information on REST Assured
  • #14 Demonstrate how easy it is to write a fully functional test on a RESTful web service with REST Assured. This is the only code you need. And it’s readable too!
  • #15 Using the example from the previous sheet, introduce some of the basic REST Assured features
  • #16 Go into a little more detail with regards to Hamcrest matchers – readable matchers for creating checks
  • #17 Go into a little more detail with regards to Gpath for effective selection of elements from XML and JSON responses
  • #18 Example – also explain the [0] needed since we’re dealing with a collection of Circuits here
  • #19 Explain how you can not only perform validations on response content, but also on response headers.
  • #20 Explain why this API was chosen (simple, lots of features, very ‘real’ data, something lots of people can relate to) Alternatively, you can always use your own API of course!
  • #21 Some basic examples on how to retrieve data from the API
  • #22 A quick demo before the participants start with the first series of exercises might be helpful to ensure they’ve understood everything so far and are ready to go.
  • #23 Speaks for itself, I think.
  • #24 Explain the difference between path and query string parameters in RESTful web services
  • #25 Explain how you define query string parameters to be used when calling a service in REST Assured (using params() )
  • #26 Explain how you define path parameters to be used when calling a service in REST Assured (using pathParam() )
  • #27 Explain how to create data driven tests using the TestNG @DataProvider and (path or query string) parameters
  • #29 Explain why web services sometimes need to be secured and introduce the different authentication options for RESTful web services
  • #30 Explain Basic (username / password) authentication
  • #31 Explain Oauth Retrieve access token by calling endpoint (mostly secured using Basic authentication) Include obtained authentication token in the header of all subsequent requests Explain that authentication token is tied to a specific user and that it has an expiration time (after which a new token needs to be requested)
  • #32 REST Assured can also measure very basic response times. This is in no way equal to a full-blown performance test, but it can be a rough indication for potential performance issues. For REAL validation of performance requirements, an actual performance test should be set up, using a dedicated performance test tool such as Apache JMeter
  • #33 Here’s an example of how to define a response time threshold and the error generated when the actual response time exceeds this threshold
  • #35 Refer to the exercise where you needed to manually copy and paste the OAuth authentication token. This is cumbersome, especially when you want to have your tests run unattended (which you want to ;). To be able to do so, you need a way to extract response values from a certain request (in this case the authentication token) and reuse it in subsequent tests.
  • #36 Explain the REST Assured extract() feature, which you can use (using GPath) to extract certain values from a response for later reuse.
  • #38 The final part of this workshop is used to explain how you can integrate your REST Assured API-level tests in a Continuous Integration setting. For my workshop, I have set up a local Jenkins installation and created a simple job that executed the tests. I then showed the build result and the console output in Jenkins to prove that the tests were indeed executed.
  • #39 Any questions?
  • #40 Here’s the part where you can shamelessly promote yourself (or give the participants your contact details in case they want more information or have any other questions, of course…). Feel free to replace this with your own contact details, you’re the one delivering the workshop after all!