Index:
Internet and APIs
Postman
Restassured
Performance testing and Jmeter
Topic 1: Internet and APIs
HTTP
Intro to HTTP
What is it?
HTTP (Hypertext Transfer Protocol) is the protocol used to transmit data over the web.
Where is it used?
It is used in web development to communicate between client and server and to transfer data over the web.
HTTP Methods & Status codes
What is it?
HTTP methods are the types of request a client can send to a server (GET, POST, PUT, DELETE, etc.), and HTTP status codes are the server's response to each of these requests, indicating the result of the request (200 OK, 404 Not Found, etc.).
Where is it used?
These are used in API testing and development to create, read, update, and delete resources on the server.
HTTP Headers
What is it?
HTTP headers allow the client and the server to pass additional information with an HTTP request or response.
Where is it used?
They are used in HTTP requests and responses to provide information about the request or response, or about the object sent in the message body.
Intro to REST
What is it?
REST (Representational State Transfer) is an architectural style for designing networked applications, using a stateless, client-server communication protocol, typically HTTP.
Where is it used?
REST is used to build Web services that are lightweight, scalable, and easy to maintain. These services are often used by mobile applications, web applications, and other distributed systems.
JSON
What is it?
JSON (JavaScript Object Notation) is a lightweight data-interchange format that is easy for humans to read and write and easy for machines to parse and generate.
Where is it used?
JSON is often used in RESTful APIs as a format for sending and receiving data.
How is it used?
Create a JSON object in the required format.
The JSON object is sent in the body of HTTP request or response.
The receiving end parses the JSON object to retrieve the data.
given()
.header("Content-Type", "application/json")
.body("{\"key\":\"value\"}") // JSON body
.when()
.post("https://myapi.com/endpoint")
.then()
.statusCode(200);
Takeaways / Best Practices
Use the correct HTTP method for the intended operation: GET to retrieve, POST to create, PUT to update, and DELETE to remove resources.
Always check the HTTP status codes for your requests to ensure they have been processed correctly.
Be mindful of the information you pass in your HTTP headers, especially in regards to security and data privacy.
When working with RESTful APIs, aim to keep your APIs stateless to ensure they are scalable and easy to maintain.
When using JSON, ensure proper structure and validate your JSON before sending your requests.
APIs
What is API?
What is it?
An API (Application Programming Interface) is a set of rules and protocols for building and interacting with software applications.
Where is it used?
APIs are used everywhere in software development. They allow different software systems to communicate with each other, such as web services, libraries, operating systems, and more.
How does API work?
What is it?
APIs work by defining a set of rules that applications must follow to communicate with each other. These rules dictate how requests and responses are formatted, which methods can be used, and what each method does.
API Architecture
What is it?
API architecture refers to the process of structuring APIs by defining the endpoints, request/response formats, and underlying design principles.
Where is it used?
API architecture is used during the design and development of APIs. Good architecture makes an API easier to use and maintain.
HTTP Methods
What is it?
HTTP methods are actions to be performed on a specified resource in a RESTful API. The most common are GET (retrieve), POST (create), PUT (update), and DELETE (remove).
Types of API
What is it?
APIs can be categorized based on their functionality and use case. Some types include RESTful APIs, SOAP APIs, GraphQL APIs, and more.
Where is it used?
The type of API used would depend on the requirements of the application. For instance, RESTful APIs are widely used due to their simplicity and scalability.
API Testing and Its Advantages
What is it?
API testing is the process of checking the functionality, reliability, performance, and security of APIs.
Where is it used?
API testing is used in the software development lifecycle to ensure APIs work as expected and can handle the anticipated load.
API Testing Tools
What is it?
API testing tools are software applications used to test the functionality, reliability, performance, and security of an API.
Where is it used?
API testing tools like Postman, RestAssured, SoapUI, and more are used in the software testing process.
How is it used?
Select the appropriate API testing tool based on your requirements.
Set up the tool and create a new test suite.
Add test cases for each API endpoint, ensuring to test all HTTP methods, different input data, and edge cases.
Run the tests and analyze the results.
// Example using RestAssured
given()
.header("Content-Type", "application/json")
.when()
.get("https://myapi.com/endpoint")
.then()
.statusCode(200);
Takeaways / Best Practices
Design your APIs with clear and consistent naming conventions.
Use the correct HTTP methods and status codes.
Ensure your APIs are stateless, which makes them easier to scale.
When testing, cover all possible edge cases and validate not only the response body but also the response status and headers.
Continuously monitor and test your APIs even after deployment.
Topic 2: Postman
Postman
What is Postman?
What is it?
Postman is a popular API client that helps developers build, test and modify APIs.
Where is it used?
Postman is used in API development and testing, providing a user-friendly interface for sending HTTP requests, managing saved requests, visualizing and analyzing responses, automating API testing, and much more.
Navigation sections
What is it?
Navigation sections in Postman are the different parts of the user interface where you can manage your requests, collections, environments, etc.
How is it used?
The sidebar on the left allows you to navigate between your collections and APIs.
The header provides access to the workspace switcher, templates, notifications, and more.
The central area is where you create or edit your requests.
Creating Request and Generating Response
What is it?
Creating a request in Postman involves specifying the HTTP method, entering the API endpoint, setting headers and/or body data, and hitting send. The server's response is then displayed in the response section.
How is it used?
Open Postman and click on the "New" button or use the shortcut (Cmd+T for macOS, Ctrl+T for Windows).
Select the HTTP method from the dropdown.
Enter the API endpoint in the URL field.
Click on the 'Send' button to execute the request.
Authentication vs Authorization
What is it?
Authentication is the process of verifying the identity of a user, device, or system. Authorization, on the other hand, is the process of verifying what they have access to.
Generating authorization token
What is it?
Generating an authorization token is a process in which a user obtains a token that authenticates their identity and provides certain access privileges.
How is it used?
In the Postman app, in the 'Authorization' tab of a request, select your authorization type as 'Bearer Token'.
Enter your token in the 'Token' field.
Send your request.
Collections
What is it?
In Postman, a collection is a group of pre-configured requests that can be organized into folders.
How is it used?
Click on the 'New Collection' button in the sidebar.
Name the collection and provide a description.
You can add requests to the collection by clicking on the three dots next to the collection's name and selecting 'Add requests'.
Variables
What is it?
Variables in Postman are symbolic names representing values that can be used in requests and scripts.
How is it used?
Click on the 'Environment quick look' button in the top right corner.
In the popup, under the 'Globals' tab, you can add a variable by giving it a name and an initial and current value.
Scope of variables
What is it?
The scope of a variable in Postman refers to the extent of the workspace within which the variable is valid and can be used.
Takeaways / Best Practices
Utilize Postman's features like variables and environments to avoid repetition and make your API testing more effective.
Regularly organize your requests into collections for better management.
Leverage Postman's ability to write tests and scripts for automated testing and continuous integration.
Always ensure that sensitive data such as API keys and tokens are not exposed in shared collections or environments.
Scripting in Postman
What is scripting?
What is it?
Scripting is the process of writing scripts, which are simple programs or automated sequences of instructions for various tasks.
Where is it used?
Scripting is used in various fields, including web development, game development, and data analysis. In the context of Postman, scripting is used to write pre-request scripts and test scripts for API testing.
Type of Scripts
What is it?
There are mainly two types of scripts in Postman: Pre-request Scripts and Tests.
Where is it used?
These scripts are used in Postman to carry out actions before sending a request or after receiving a response.
Postman sandbox
What is it?
The Postman sandbox is an environment where you can write and execute scripts.
How is it used?
In a request, you can navigate to the "Pre-request Script" or "Tests" tabs to access the Postman sandbox.
You can then write scripts using JavaScript.
Pm object
What is it?
The pm object is a special object in the Postman sandbox, providing several useful methods and properties for writing scripts.
How is it used?
In your scripts, you can use pm to access variables, set variables, make assertions, etc. For example, to access a variable: pm.variables.get("variableName").
Assertions
What is it?
Assertions are conditions or checks made in Postman scripts to ensure that a request's response meets certain criteria.
How is it used?
In the "Tests" script, you can make assertions using pm.expect(). For example: pm.expect(pm.response.code).to.equal(200);
Ordering in Collections
What is it?
Ordering in collections refers to the order in which requests are arranged in a Postman collection.
How is it used?
You can drag and drop requests within a collection to change their order. This is important for the sequential execution of requests.
Postman Interceptor
What is it?
Postman Interceptor is a Chrome extension that allows you to intercept browser requests and synchronize cookies directly into Postman.
How is it used?
Install the Interceptor extension from the Chrome Web Store.
In Postman, click on the Interceptor icon in the header and switch the toggle to "Enabled".
Monitors
What is it?
Monitors in Postman are used for scheduling and running collections periodically to check for their performance and response.
How is it used?
Select a collection and click on the "Monitor" button.
Set the frequency, region, and other settings for the monitor.
Takeaways / Best Practices
Make good use of the pm object and the Postman sandbox for writing scripts.
Always write assertions in your tests to validate API responses.
Use the Postman Interceptor for testing APIs that use cookies.
Utilize Postman monitors for automatic and periodic testing of APIs.
Topic 3: Restassured
RestAssured
Intro to REST Assured
What is it?
REST Assured is a Java library for simplifying the testing and validation of REST APIs.
Where is it used?
Used in test automation of REST APIs in Java projects.
Making API requests with REST Assured
What is it?
Making API requests with REST Assured involves invoking REST APIs and handling their responses.
How is it used?
import io.restassured.RestAssured;
import io.restassured.response.Response;
import static io.restassured.RestAssured.*;
public class GetRequestExample {
public static void main(String[] args) {
RestAssured.baseURI = "http://api.example.com";
Response response = get("/users"); // Making GET request
System.out.println(response.asString());
}
}
Authorization with REST Assured
What is it?
Authorization with REST Assured refers to sending authorized API requests, typically with OAuth or API keys.
How is it used?
given().auth()
.oauth2("YOUR_TOKEN")
.when()
.get("http://api.example.com/secure-endpoint")
.then()
.statusCode(200);
CRUD with REST Assured
What is it?
CRUD with REST Assured means using the library to perform Create, Read, Update, and Delete operations on a REST API.
How is it used?
// CREATE
given().body(requestBody)
.when()
.post("/endpoint");
// READ
when().get("/endpoint/{id}");
// UPDATE
given().body(updatedRequestBody)
.when()
.put("/endpoint/{id}");
// DELETE
when().delete("/endpoint/{id}");
REST Assured: JSON schema validation
What is it?
JSON schema validation in REST Assured is the process of validating the JSON response against a predefined JSON schema.
How is it used?
get("/endpoint").then().assertThat().body(matchesJsonSchemaInClasspath("json-schema.json"));
REST Assured: Assertions
What is it?
Assertions in REST Assured are used to validate the response of an API request.
How is it used?
when().get("/endpoint").then().statusCode(200);
Intro to Microservices Testing
What is it?
Microservices testing is the process of testing microservice architecture, where each service is tested individually and in collaboration with others.
Where is it used?
It's used in applications that follow a microservice architecture.
Takeaways / Best Practices
REST Assured simplifies REST API testing in Java, make good use of its fluent API and inbuilt functionalities.
Always validate your API responses using JSON schema validation and assertions.
For secure endpoints, ensure your API requests are authorized.
In microservices testing, remember to test each service both individually and as a part of the whole system.
Topic 4: Performance testing and Jmeter
Performance Testing
Intro to Performance Testing
What is it?
Performance testing is a non-functional testing technique performed to determine the system parameters in terms of responsiveness and stability under various workloads.
Where is it used?
Performance testing is used across software systems to ensure performance parameters like speed, reliability, response time, etc., meet the expected benchmarks.
What is non-functional testing?
What is it?
Non-functional testing is a type of software testing that verifies non-functional aspects (like performance, usability, reliability, etc.) of a software application.
Where is it used?
Non-functional testing is used across all systems and applications to ensure the quality of aspects other than specific functionalities.
What is performance testing?
What is it?
Performance testing, a subset of non-functional testing, is used to assess system performance under different loads, identifying bottlenecks and areas of improvement.
Where is it used?
Performance testing is vital for systems expected to handle high loads, such as web servers, applications with many simultaneous users, and systems with large data processing needs.
Types of Performance Testing
What is it?
Types of performance testing include Load Testing, Stress Testing, Endurance Testing, Spike Testing, Volume Testing, and Scalability Testing.
Where is it used?
Different types of performance testing are applied in various scenarios depending on the specific performance aspects to be tested.
Performance Testing Metrics
What is it?
Performance testing metrics are quantifiable measures used to gauge the performance characteristics of a system during performance testing.
Where is it used?
Performance testing metrics are used to analyze the performance of a system under different loads and conditions.
Performance Testing process
What is it?
The performance testing process is a series of steps undertaken to carry out performance testing. It usually involves identifying testing environment, identifying performance metrics, planning and designing performance tests, test execution, and analyzing, tuning and retesting.
Where is it used?
This process is followed whenever a performance testing exercise is conducted.
Takeaways / Best Practices
Performance testing is a crucial aspect of software quality assurance, and skipping it may lead to serious issues in production.
Choose the right type of performance testing based on what you need to measure - it could be load, stress, endurance, spike, or volume testing.
Always consider the realistic conditions and environments when performing performance testing.
Performance testing metrics are critical for understanding the system's behavior under different loads. Choose the right metrics to measure.
The performance testing process is iterative - analyze, tune, and retest to get the best results.
Performance Testing Tools
Manual performance testing
What is it?
Manual performance testing is a process where performance tests are executed manually without the use of automated tools.
Where is it used?
Manual performance testing is usually applied in small scale or early stage projects where the setup for automation is not feasible or the complexity does not warrant it.
How is it used?
Manual performance testing involves the tester manually interacting with the system, monitoring response times, system behavior, and other performance indicators.
Disadvantages of manual performance testing
What is it?
The disadvantages of manual performance testing refer to the limitations and challenges associated with conducting performance tests manually.
Where is it used?
These disadvantages become apparent when dealing with complex, large-scale, or high-load systems that require precise and repeatable testing scenarios.
How is it used?
Despite being sometimes necessary, manual testing can be time-consuming, less precise, and not scalable for high-load scenarios.
Performance testing tools
What is it?
Performance testing tools are software applications that help in automating the process of performance testing.
Where is it used?
They are used across various software systems for conducting different types of performance tests such as load, stress, endurance, and spike testing.
How is it used?
These tools simulate user load on a software application and provide detailed reports about the system's performance under different load conditions.
Jmeter
What is it?
JMeter is an open-source Java application designed for load testing and measuring the performance of web applications, databases, and APIs.
Where is it used?
It is used to test performance both on static and dynamic resources.
How is it used?
JMeter simulates a heavy load on a server by creating multiple virtual concurrent users to the server and returns statistics that show the performance/functionality of the target server/application via graphical diagrams.
Components of JMeter
What is it?
JMeter components include Test Plan, Thread Group, Samplers, Listeners, Assertions, Config Elements, Pre-Processor Elements, and Post-Processor Elements.
Where is it used?
These components are used within JMeter for specifying what to test and how to handle the response data.
How is it used?
These components are assembled in a hierarchical order to create a test plan which can be executed for performance testing.
API testing using JMeter
What is it?
API testing using JMeter involves leveraging JMeter's functionality to test the performance and response of APIs.
Where is it used?
It's used when performance testing APIs to measure response times, throughput, and error rates.
How is it used?
In JMeter, HTTP Request samplers are added to a test plan to define the details of the API calls. Assertions can be added to validate responses, and listeners are used to view and analyze the results.
Takeaways / best practices
While manual performance testing might be useful for small applications, it's usually not scalable for large-scale applications with high user load.
Automated performance testing with tools like JMeter is typically more efficient, as it allows for scalable, repeatable, and comprehensive testing scenarios.
When using JMeter, understanding its components and their correct utilization is key for creating effective test plans.
API testing with JMeter requires a good understanding of the API endpoints, the expected responses, and performance metrics.
Regularly updating and maintaining your performance tests is as crucial as functional tests in your CI/CD pipeline.
All the best and Happy Learning!
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article