Understanding and testing Web Services - Created by Mark Winteringham / @2bittester © 2016
Available at http://mwtestconsultancy.co.uk/presentations/understanding_web_services_lite
Please load up Google Chrome and install
POSTMAN | www.getpostman.com |
POSTMAN Interceptor | www.getpostman.com/features#interceptor |
Explore what is a Web Service
Build different requests to query and manipulate data
Try out different test design techniques
Going forward...
A webservice that allows hotels to store booking details about their guests
Restful booker: www.github.com/mwinteringham/restful-booker
API details are in the README
Our test tool for the workshop
'A Web service is a software system designed to support interoperable machine-to-machine interaction over a network.'
http://www.w3.org/TR/2004/NOTE-ws-gloss-20040211/#webserviceMobile to Web Service
UI
Backend
Web Service to Web Service
Reports
Search
A service-oriented architecture
Resource
Booking resource:
id: 1
Something the service exposes to the end user to interact with such as an image, video, html, text, etc.
scheme ://host :port /resource ?queryString
http://localhost:3001/booking?name=mary
A query string indicates additional actions you might want to apply to the resource you want
GET /booking?checkin=2014-03-13&checkout=2014-05-21
Returns all bookings between two dates whereas:
GET /booking
Returns all the bookings
For example:
GET /booking?checkin=2014-03-13&checkout=2014-05-21
- | Returns current bookings | |
- | Creates a new booking |
OPTION http://localhost:3001/booking
Returns which Verbs can be used on a URI
"booking": { "firstname": "Sally", "lastname": "Brown", "totalprice": 111, "depositpaid": true, "additionalneeds": "Breakfast", "bookingdates": { "checkin": "2013-02-23", "checkout": "2014-10-23" } }
<created-booking> <booking> <firstname>Sally</firstname> <lastname>Brown</lastname> <totalprice>111</totalprice> <depositpaid>true</depositpaid> <additionalneeds>Breakfast</additionalneeds> <bookingdates> <checkin>2013-02-23</checkin> <checkout>2014-10-23</checkout> </bookingdates> </booking> </created-booking>
Indicator of how the server has responded to the request you've sent
1xx | Informational |
2xx | Success |
3xx | Redirection |
4xx | Client Error |
5xx | Server Error |
200 | Server has carried out its actions successfully |
404 | URI path doesn't exist |
403 | You're not authorised to access the path |
500 | Server error |
503 | Service is unavailable |
A representation of the resource you want to create through the service
The parameters and the structure of the payload have strict rules
Which can also be known as a 'contract'
{
"firstName": "Mark",
"lastName": "test",
"totalPrice": 300.00,
"depositPaid": true,
"additionalNeeds": "Breakfast",
"bookingDates": {
"checkIn": "11/11/2014",
"checkOut": "12/11/2014"
}
}
String
Number
Boolean
Dates (String)
`Be conservative in what you do, be liberal in what you accept from others`
Postel's law
Define the operating parameters of an HTTP request such as:
And more: https://en.wikipedia.org/wiki/List_of_HTTP_header_fields
Adding headers can alter the behaviour of the service and its response
Key: | Value | Outcome |
Accept: | application/json | JSON is returned |
Accept: | application/xml | XML is returned |
Content-Type: | application/json | JSON is accepted |
Content-Type: | text/xml | XML is accepted |
Services generally have one or more layers of security such as:
This isn't an exhaustive list
There may be other layers of security in place
Comes in the form of a header
Authorization | Basic Base64(username:password) |
Authorization | Basic dXNlcm5hbWU6cGFzc3dvcmQ= |
POST /auth
{ username: admin, password: password123 }
Response
Set-Cookie: token=abc123
DELETE /booking/{id}
Cookie: token=abc123
Similar to POST but rather than create it updates
However, in the real world that might not be the case:
Similar to GET but it deletes rather than reads the resource
Mobile to Web Service
UI
Backend
Restful-booker - https://github.com/mwinteringham/restful-booker
Slides - http://mwtestconsultancy.co.uk/presentations/understanding_web_services_lite