Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.
UNDERSTANDING AND TESTING
RESTFUL WEB SERVICES
PLEASE INSTALL
POSTMAN - REST Client
POSTMAN Interceptor
www.getpostman.com...
ABOUT ME...
-
-
-
www.mwtestconsultancy.co.uk
@mwtestconsult
linkedin.com/in/markwinteringham
WORKSHOP GOALS
Explore the basics of a RESTful WebServices
Build requests to query and manipulate data
Try out different t...
WELCOME TO 'THE BEST AT REST LTD'
Creators of RESTFUL-BOOKER
A restful webservice that allows hotels
to store booking deta...
RESTFUL-BOOKER REQUIREMENTS
1. Must be able to create, read, update and
delete bookings
2. Bookings must be searchable
3. ...
GITHUB REPOS
Restful booker:
Slides:
www.github.com/mwinteringham/restful-booker
www.github.com/mwinteringham/reveal.js
POSTMAN
Our test tool for the workshop
RESTFUL WEB SERVICE
WEB SERVICE
'A Web service is a software system designed to support
interoperable machine-to-machine interaction over a ne...
Mobile to Web Service
UI Backend
Web Service to Web Service
Reports Search
A service-oriented architecture
WHAT MAKES A SERVICE RESTFUL?
Stateless
Cacheable
Uniform Interface
Client-Server
Layered System
Code on Demand
Identify a...
A RESTFUL WEB SERVICE EXAMPLE
http://adrianmejia.com/blog/2014/10/01/creating-a-restful-api-tutorial-with-nodejs-and-mongo...
REST-REPORTER
https://github.com/mwinteringham/restful-booker
rest-reporter is a C.R.U.D. service
CREATE
READ
UPDATE
DELETE
READ
A TYPICAL HTTP READ REQUEST
URI Path
RI Host
UNIFORM RESOURCE IDENTIFIERS
Resource
Booking resource 1
_id:
5534e8cdbb97c77e0eb7ae51
Something the service exposes to
th...
UNIFORM RESOURCE IDENTIFIERS
scheme ://host :port /resource ?queryString
http://localhost:3001/booking?name=mary
QUERY STRINGS
A query string indicates additional actions you might
want to apply to the resource/resources you want
Retur...
CREATING QUERY STRINGS
Query strings start with a ? after the resource path
Are declared as key=value
Multiple query decla...
A TYPICAL HTTP READ REQUEST
HTTP Verb
HTTP VERBS
HTTP methods indicate an action the user would like to
do on a resource
CREATE = POST
READ = GET
UPDATE = PUT
D...
VERBS IN ACTION
GET - Returns current bookings
POST - Creates a new booking
http://localhost:3001/booking
http://localhost...
A TYPICAL HTTP READ REQUEST
eaders
HTTP HEADERS
Define the operating parameters of an HTTP request such as:
What is requesting the resource
What format the r...
HTTP HEADERS
Adding headers can alter the behaviour of the service and its response
Key: Value Outcome
Accept: application...
A TYPICAL HTTP RESPONSE
HTTP Status code
HTTP STATUS CODES
Indicator of how the server has responded to the request you've sent
1xx Informational
2xx Success
3xx R...
TYPICAL HTTP STATUS CODES
200 Server has carried out its actions successfully
404 URI path doesn't exist
403 You're not au...
A TYPICAL HTTP RESPONSE
Payload
TYPES OF PAYLOADS
JSON
id":"5534e8cdbb97c77e0eb7ae65",
irstName":"Jim",
astName":"Wilson",
otalPrice":787,
epositPaid":fal...
ITERATION ONE - INVESTIGATING READ
USERS STORIES
As a user of restful-booker
I want to be able to view all
current booking...
What did you learn?
CREATE
A TYPICAL HTTP CREATE REQUEST
Change in HTTP Verb
ayload
PAYLOAD
A representation of the resource you want to create
through the service
The parameters and the structure of the pa...
XML PAYLOADS
<booking>
<firstName>Mark</firstName>
<lastName>test</lastName>
<totalPrice>300.00</totalPrice>
<depositPaid>...
JSON PAYLOADS
{
"firstName": "Mark",
"lastName": "test",
"totalPrice": 300.00,
"depositPaid": true,
"additionalNeeds": "Br...
DATA TYPES
{
"firstName": "Mark",
"lastName": "test",
"totalPrice": 300.00,
"depositPaid": true,
"additionalNeeds": "Break...
ROBUSTNESS PRINCIPLE
`Be conservative in what you do, be liberal in what you accept from others`
Postel's law
When sending...
POST RELATED HEADERS
Key Value
Content-Type: application/json, text/xml
Content-Length: 157
ITERATION TWO - INVESTIGATING
CREATE
USER STORIES
As a user of restful-booker
I want to be able to create
So that I can ch...
What did you learn?
UPDATE/DELETE
AUTHORISATION
Services generally have one or more layers of security
such as:
Basic access authentication
Cookie based aut...
HTTP HEADERS - COOKIES
Cookies are also a type of header and can be added to a
request
Cookie: COOKIEVAL1=abc; COOKIEVAL2=...
BASIC ACCESS AUTHENTICATION
Comes in the form of a header
Authorization Basic Base64(username:password)
Authorization Basi...
COOKIE BASED AUTHENTICATION
POST /auth
{
username: admin,
password: password123
}
Response
Set-Cookie: token=abc123
DELETE...
PUT
Similar to POST but rather than create it updates
However, in the real world that might not be the case:
PUT vs POST i...
DELETE
Similar to GET but it deletes rather than reads the
resource
ITERATION THREE - INVESTIGATING
UPDATE / DELETE
USER STORIES
As a user of restful-booker
I want to be able to protect crea...
What did you learn?
TAKING RESTFUL TESTING FURTHER
Mobile to Web Service
UI
UI testing
Backend
RESTful testing
AUTOMATION?
WRAPPING UP
THANK YOU
Restful-booker - https://github.com/mwinteringham/restful-booker
Slides - https://github.com/mwinteringham/revea...
Nächste SlideShare
Wird geladen in …5
×

Understanding and testing restful web services

1.850 Aufrufe

Veröffentlicht am

Slides for the workshop 'Understanding and testing restful web services'

Veröffentlicht in: Technologie
  • Als Erste(r) kommentieren

Understanding and testing restful web services

  1. 1. UNDERSTANDING AND TESTING RESTFUL WEB SERVICES PLEASE INSTALL POSTMAN - REST Client POSTMAN Interceptor www.getpostman.com www.getpostman.com/features#interceptor Created by /Mark Winteringham @mwtestconsult
  2. 2. ABOUT ME... - - - www.mwtestconsultancy.co.uk @mwtestconsult linkedin.com/in/markwinteringham
  3. 3. WORKSHOP GOALS Explore the basics of a RESTful WebServices Build requests to query and manipulate data Try out different test design techniques Going forward with the skills you've learnt
  4. 4. WELCOME TO 'THE BEST AT REST LTD' Creators of RESTFUL-BOOKER A restful webservice that allows hotels to store booking details about their guests
  5. 5. RESTFUL-BOOKER REQUIREMENTS 1. Must be able to create, read, update and delete bookings 2. Bookings must be searchable 3. Bookings must store the following items Guests name The price of their booking Whether they have paid a deposit The dates of their booking Any additional needs
  6. 6. GITHUB REPOS Restful booker: Slides: www.github.com/mwinteringham/restful-booker www.github.com/mwinteringham/reveal.js
  7. 7. POSTMAN Our test tool for the workshop
  8. 8. RESTFUL WEB SERVICE
  9. 9. WEB SERVICE 'A Web service is a software system designed to support interoperable machine-to-machine interaction over a network.' http://www.w3.org/TR/2004/NOTE-ws-gloss-20040211/#webservice
  10. 10. Mobile to Web Service UI Backend
  11. 11. Web Service to Web Service Reports Search
  12. 12. A service-oriented architecture
  13. 13. WHAT MAKES A SERVICE RESTFUL? Stateless Cacheable Uniform Interface Client-Server Layered System Code on Demand Identify a resource Manipulate a resource URIs HTTP A web service has to use specific standards to: http://c2.com/cgi/wiki?RestArchitecturalStyle
  14. 14. A RESTFUL WEB SERVICE EXAMPLE http://adrianmejia.com/blog/2014/10/01/creating-a-restful-api-tutorial-with-nodejs-and-mongodb/
  15. 15. REST-REPORTER https://github.com/mwinteringham/restful-booker rest-reporter is a C.R.U.D. service
  16. 16. CREATE READ UPDATE DELETE
  17. 17. READ
  18. 18. A TYPICAL HTTP READ REQUEST URI Path RI Host
  19. 19. UNIFORM RESOURCE IDENTIFIERS Resource Booking resource 1 _id: 5534e8cdbb97c77e0eb7ae51 Something the service exposes to the end user to interact with such as an image, video, html, text, etc. GET /booking/5534e8cdbb97c77e0eb7ae51
  20. 20. UNIFORM RESOURCE IDENTIFIERS scheme ://host :port /resource ?queryString http://localhost:3001/booking?name=mary
  21. 21. QUERY STRINGS A query string indicates additional actions you might want to apply to the resource/resources you want Returns all bookings between two dates whereas: GET /booking?checkin=2014-03-13&checkout=2014-05-21 Returns all the bookings GET /booking
  22. 22. CREATING QUERY STRINGS Query strings start with a ? after the resource path Are declared as key=value Multiple query declarations are joined using & For example: GET /booking?checkin=2014-03-13&checkout=2014-05-21
  23. 23. A TYPICAL HTTP READ REQUEST HTTP Verb
  24. 24. HTTP VERBS HTTP methods indicate an action the user would like to do on a resource CREATE = POST READ = GET UPDATE = PUT DELETE = DELETE
  25. 25. VERBS IN ACTION GET - Returns current bookings POST - Creates a new booking http://localhost:3001/booking http://localhost:3001/booking OPTION http://localhost:3001/booking Returns which Verbs can be used on a URI
  26. 26. A TYPICAL HTTP READ REQUEST eaders
  27. 27. HTTP HEADERS Define the operating parameters of an HTTP request such as: What is requesting the resource What format the resource should be in Authorisation that the resource can be requested And more: https://en.wikipedia.org/wiki/List_of_HTTP_header_fields
  28. 28. HTTP HEADERS Adding headers can alter the behaviour of the service and its response Key: Value Outcome Accept: application/json JSON is returned Accept: application/xml XML is returned
  29. 29. A TYPICAL HTTP RESPONSE HTTP Status code
  30. 30. HTTP STATUS CODES Indicator of how the server has responded to the request you've sent 1xx Informational 2xx Success 3xx Redirection 4xx Client Error 5xx Server Error https://en.wikipedia.org/wiki/List_of_HTTP_status_codes
  31. 31. TYPICAL HTTP STATUS CODES 200 Server has carried out its actions successfully 404 URI path doesn't exist 403 You're not authorised to access the path 500 Server error 503 Service is unavailable
  32. 32. A TYPICAL HTTP RESPONSE Payload
  33. 33. TYPES OF PAYLOADS JSON id":"5534e8cdbb97c77e0eb7ae65", irstName":"Jim", astName":"Wilson", otalPrice":787, epositPaid":false, dditionalNeeds": "Breakfast", ookingDates":{ "checkIn":"2013-08-10T22:34:22", "checkOut":"2015-03-23T14:00:00" XML <_id>5534e8cdbb97c77e0eb7ae65</_id> <firstName>Jim</firstName> <lastName>Wilson</lastName> <totalPrice>787</totalPrice> <depositPaid>false</depositPaid> <additionalNeeds>Breakfast</additionalNeeds > <bookingDates> <checkIn>2013-08-10T22:34:22</checkIn> <checkOut>2015-03-23T14:00:00</checkOut > </bookingDates> HTML <p>5534e8cdbb97c77e0eb7ae65</p> <p>Jim</p> <p>Wilson</p> <p>787</p> <p>false</p> <p>breakfast</p> <ul> <li>2013-08-10T22:34:22</li> <li>2015-03-23T14:00:00</li> </ul>
  34. 34. ITERATION ONE - INVESTIGATING READ USERS STORIES As a user of restful-booker I want to be able to view all current booking IDs So that I can choose an ID to view the booking of GET /booking As a user of restful-booker I want to be able to search on the booking dates So that I can filter the relevant booking IDs I require GET /booking? checkin=*&checkout=* As a user of restful-booker I want to be able to retrieve a booking using its ID So that I can view the details of that booking GET /booking/{id} API can be found at: github.com/mwinteringham/restful-booker
  35. 35. What did you learn?
  36. 36. CREATE
  37. 37. A TYPICAL HTTP CREATE REQUEST Change in HTTP Verb ayload
  38. 38. PAYLOAD A representation of the resource you want to create through the service The parameters and the structure of the payload have strict rules. Which can also be known as a 'contract'
  39. 39. XML PAYLOADS <booking> <firstName>Mark</firstName> <lastName>test</lastName> <totalPrice>300.00</totalPrice> <depositPaid>true</depositPaid> <additionalNeeds>Breakfast</additionalNeeds> <bookingDates> <checkIn>11/11/2014</checkIn> <checkOut>12/11/2014</checkOut> </bookingDates> </booking> https://en.wikipedia.org/wiki/XML
  40. 40. JSON PAYLOADS { "firstName": "Mark", "lastName": "test", "totalPrice": 300.00, "depositPaid": true, "additionalNeeds": "Breakfast", "bookingDates": { "checkIn": "11/11/2014", "checkOut": "12/11/2014" } } http://json.org/
  41. 41. DATA TYPES { "firstName": "Mark", "lastName": "test", "totalPrice": 300.00, "depositPaid": true, "additionalNeeds": "Breakfast", "bookingDates": { "checkIn": "11/11/2014", "checkOut": "12/11/2014" } } String Number Boolean Dates (String)
  42. 42. ROBUSTNESS PRINCIPLE `Be conservative in what you do, be liberal in what you accept from others` Postel's law When sending a payload the service should conform to the contract being sent When receiving a payload the service should accept invalid data without error
  43. 43. POST RELATED HEADERS Key Value Content-Type: application/json, text/xml Content-Length: 157
  44. 44. ITERATION TWO - INVESTIGATING CREATE USER STORIES As a user of restful-booker I want to be able to create So that I can choose an ID to view the booking of POST /booking API can be found at: github.com/mwinteringham/restful-booker
  45. 45. What did you learn?
  46. 46. UPDATE/DELETE
  47. 47. AUTHORISATION Services generally have one or more layers of security such as: Basic access authentication Cookie based authentication This isn't an exhaustive list There may be other layers of security in place
  48. 48. HTTP HEADERS - COOKIES Cookies are also a type of header and can be added to a request Cookie: COOKIEVAL1=abc; COOKIEVAL2=def;
  49. 49. BASIC ACCESS AUTHENTICATION Comes in the form of a header Authorization Basic Base64(username:password) Authorization Basic dXNlcm5hbWU6cGFzc3dvcmQ= https://en.wikipedia.org/wiki/Basic_access_authentication
  50. 50. COOKIE BASED AUTHENTICATION POST /auth { username: admin, password: password123 } Response Set-Cookie: token=abc123 DELETE /booking/{id} Cookie: token=abc123
  51. 51. PUT Similar to POST but rather than create it updates However, in the real world that might not be the case: PUT vs POST in REST
  52. 52. DELETE Similar to GET but it deletes rather than reads the resource
  53. 53. ITERATION THREE - INVESTIGATING UPDATE / DELETE USER STORIES As a user of restful-booker I want to be able to protect create and delete functions So that I can protect the bookings from being changed or deleted POST /auth As a user of restful-booker I want to be able to update a pre- existing booking using its ID So that I can correct and errors made in a booking PUT /booking/{id} As a user of restful-booker I want to be able to delete a booking using its ID So that I can remove the booking DELETE /booking/{id} API can be found at: github.com/mwinteringham/restful-booker
  54. 54. What did you learn?
  55. 55. TAKING RESTFUL TESTING FURTHER
  56. 56. Mobile to Web Service UI UI testing Backend RESTful testing
  57. 57. AUTOMATION?
  58. 58. WRAPPING UP
  59. 59. THANK YOU Restful-booker - https://github.com/mwinteringham/restful-booker Slides - https://github.com/mwinteringham/reveal.js

×