Understanding and testing RESTful Web Services - Created by Mark Winteringham / @2bittester © 2017
Available at http://mwtestconsultancy.co.uk/presentations/understanding_web_services/
Please install the standalone POSTMAN app
POSTMAN | https://www.getpostman.com/apps |
Explore what is a Web Service
Discover different test design techniques
Build different requests to query and manipulate data
Going forward with the skills you've learnt
Creators of RESTFUL-BOOKER
A webservice that allows hotels to store booking details about their guests
Restful booker: www.github.com/mwinteringham/restful-booker
API details are in the README
Our test tool for the workshop
'A Web service is a software system designed to support interoperable machine-to-machine interaction over a network.'
http://www.w3.org/TR/2004/NOTE-ws-gloss-20040211/#webserviceMobile to Web Service
UI
Backend
Web Service to Web Service
Reports
Search
A service-oriented architecture
scheme://host:port/path/to/resource?queryString
http://localhost:3001/booking/1?name=mary
HTTP | - | Web |
FTP | - | File transfer |
SMTP | - |
192.168.1.254
80
443
Resource
Booking resource:
id: 1
Something the service exposes to the end user to interact with such as an image, video, html, text, etc.
A query string indicates additional actions you might want to apply to the resource you want
GET /booking?checkin=2014-03-13&checkout=2014-05-21
Returns all bookings between two dates whereas:
GET /booking
Returns all the bookings
For example:
GET /booking?checkin=2014-03-13&checkout=2014-05-21
HTTP methods indicate an action the user would like to do on a resource
rest-reporter is a C.R.U.D. service
Create | = | POST |
Read | = | GET |
Update | = | PUT |
Delete | = | DELETE |
- | Returns current bookings | |
- | Creates a new booking |
OPTION http://localhost:3001/booking
Returns which Methods can be used on a URI
"booking": { "firstname": "Sally", "lastname": "Brown", "totalprice": 111, "depositpaid": true, "additionalneeds": "Breakfast", "bookingdates": { "checkin": "2013-02-23", "checkout": "2014-10-23" } }
<created-booking> <booking> <firstname>Sally</firstname> <lastname>Brown</lastname> <totalprice>111</totalprice> <depositpaid>true</depositpaid> <additionalneeds>Breakfast</additionalneeds> <bookingdates> <checkin>2013-02-23</checkin> <checkout>2014-10-23</checkout> </bookingdates> </booking> </created-booking>
What did you learn?
A representation of the resource you want to create through the service
The parameters and the structure of the payload have strict rules
Which can also be known as a 'contract'
`Be conservative in what you do, be liberal in what you accept from others`
Postel's law
{
"firstName": "Mark",
"lastName": "test",
"totalPrice": 300.00,
"depositPaid": true,
"additionalNeeds": "Breakfast",
"bookingDates": {
"checkIn": "11/11/2014",
"checkOut": "12/11/2014"
}
}
String
Number
Boolean
Dates (String)
Define the operating parameters of an HTTP request such as:
And more: https://en.wikipedia.org/wiki/List_of_HTTP_header_fields
Adding headers can alter the behaviour of the service and its response
Key: | Value | Outcome |
Accept: | application/json | JSON is returned |
Accept: | application/xml | XML is returned |
Content-Type: | application/json | JSON is accepted |
Content-Type: | text/xml | XML is accepted |
What did you learn?
Services generally have one or more layers of security such as:
This isn't an exhaustive list
There may be other layers of security in place
Comes in the form of a header
Authorization | Basic Base64(username:password) |
Authorization | Basic dXNlcm5hbWU6cGFzc3dvcmQ= |
POST /auth
{ username: admin, password: password123 }
Response
Set-Cookie: token=abc123
DELETE /booking/{id}
Cookie: token=abc123
Similar to POST but rather than create it updates
However, in the real world that might not be the case:
Similar to GET but it deletes rather than reads the resource
What did you learn?
Mobile to Web Service
UI
Backend
Restful-booker - https://github.com/mwinteringham/restful-booker
Slides - http://mwtestconsultancy.co.uk/presentations/understanding_web_services/