The ABCs of APIs

Angie Jones

http://angiejones.tech

@techgirl1908

Senior Automation Engineer

Twitter, San Francisco, CA, USA

Application

 

Programming

 

Interface

@techgirl1908

@techgirl1908

@techgirl1908

@techgirl1908

Internet

 

Of

 

Things

@techgirl1908

Microservices

@techgirl1908

UI Testing

@techgirl1908

Why is

API

testing so important?

@techgirl1908

@techgirl1908

Anatomy 

of an

API

@techgirl1908

@techgirl1908

API

collection of endpoints

@techgirl1908

Credit: Mark Winteringham

Resource: https://restful-booker.herokuapp.com

@techgirl1908

API

collection of endpoints

request

response

@techgirl1908

API

collection of endpoints

request

response

URL

headers

body

method

CRUD REST Methods Tests
create POST
read GET
update PUT
delete DELETE

@techgirl1908

CRUD REST Methods Tests
create POST post with all optional and required data
post with only required data
post with required data missing
post with invalid data for the parameters
read GET
update PUT
delete DELETE

@techgirl1908

CRUD REST Methods Tests
create POST post with all optional and required data
post with only required data
post with required data missing
post with invalid data for the parameters
read GET get when profile doesn't exist
get when profile exists
create profile then get
update profile then get
delete profile then get
update PUT
delete DELETE

@techgirl1908

CRUD REST Methods Tests
create POST post with all optional and required data
post with only required data
post with required data missing
post with invalid data for the parameters
read GET get when profile doesn't exist
get when profile exists
create profile then get
update profile then get
delete profile then get
update PUT update existing profile
update non-existing profile
update deleted profile
update then update again
delete DELETE

@techgirl1908

CRUD REST Methods Tests
create POST post with all optional and required data
post with only required data
post with required data missing
post with invalid data for the parameters
read GET get when profile doesn't exist
get when profile exists
create profile then get
update profile then get
delete profile then get
update PUT update existing profile
update non-existing profile
update deleted profile
update then update again
delete DELETE delete profile
delete when there are dependencies
delete after delete
delete non-existing

@techgirl1908

@techgirl1908

API

collection of endpoints

request

response

status

headers

body

URL

headers

body

method

@techgirl1908

@techgirl1908

Let's explore!

@techgirl1908

Write a list of test cases for this endpoint

@techgirl1908

Execute

one of your tests

@techgirl1908

Did you verify the

status code?

@techgirl1908

Did you verify the

response header?

@techgirl1908

Did you verify every part of the response body?

@techgirl1908

Let's automate some tests!

@techgirl1908

https://api.twitter.com/1.1/search/tweets.json?q={query}

@techgirl1908

https://api.twitter.com/1.1/search/tweets.json?q={query}

@techgirl1908

Test Expectation
single word every returned tweet's text should contain word
multiple words (logical AND) every returned tweet's text should contain each of the words
"multiple words" every returned tweet's text should contain the exact phrase
logical OR every returned tweet's text should contain at least one of the words
word + negated (-) other word every returned tweet's text should contain word but not contain negated word
https://api.twitter.com/1.1/search/tweets.json?q={query}

@techgirl1908

Test Expectation
from:author + word every returned tweet's author should be the one specified and the tweet's text should contain the word
filter:{attribute} + word

attribute can be verified, media, links, retweets, etc
every returned tweet should have the attribute that was filtered and the tweet's text should contain the word
blank search invalid search
search produces no results empty response body
word with special characters every returned tweet's text should contain the word
https://api.twitter.com/1.1/search/tweets.json

@techgirl1908

Additional areas
rate limit
character limit
authorization
combinations of the other 9 optional paramaters

@techgirl1908

Your turn!

Write automated tests for the

Pet Shop API

More Resources

@techgirl1908