API automation testing tool - Postman

API automation testing tool - Postman

• Author:  fengchang 
• Time: September 26, 2015 
• Category:  Tools

Since I started doing API development, I was looking for the right API testing tool. At first, I didn't really want to use Chrome extensions, but I used WizTools tools. Later, after I tried Postman once , I couldn't stop, and I bought paid Jetpacks. After launching the Team Sync Beta, I promoted the tool to teams as API documentation. I saw that there are not many articles about this tool on the Chinese Internet, so I decided to write a small article to introduce it.

1. Basic functions

The functionality of Postman is described in the documentation . However, the documentation is a bit long-winded, here is a brief introduction to the main interface, and the entry-level functions are all mentioned.

1. Collections: In Postman, Collections are similar to folders. Requests for the same project can be placed in a Collection for easy management and sharing, and folders can also be created in the Collection. If you do API documentation, each API can correspond to one request. If you want to test all kinds of inputs, you need to test one request per test. Here I created a new example to introduce the whole process. Five APIs correspond to five requests. This Collection can be https://www.getpostman.com/collections/c8f98a1120357e0d4a5aimported into your own Postman.

2. The black word registration above is the name of the request, and if there is a Request description, it will be displayed below it. The blue words below are the saved request results. Click to load the parameters and return values ​​of a request. I will use this function to show various return values ​​in different situations to colleagues who are clients. The button to save the request is at 15.

3. Where to choose HTTP Method, there are all kinds of common and uncommon ones.

4. Request URL, double curly brackets indicate that this is an environment variable, you can select the current environment at the position of 16, and the environment variable will be replaced with the value of the variable in the environment.

5. Click to set the key and value of URL parameters

6. Click to send request

7. Click to save the request to Collection, if you want to save as, you can click the down arrow on the right

8. Set authentication parameters, you can use OAuth or the like

9. Custom HTTP Header, some because Chrome is willing to customize or not, you need to install another plug-in Interceptor, in the satellite in the line above 16

10. Set the Request body, and the content of the body is displayed in 13.

11. Scripts executed before a request, such as the two random variables in the request body, are temporarily generated before each request.

12. The test executed after the response is received, the result of the test will be displayed in the position of 17

13. There are four forms to choose from, form-data is mainly used for uploading files. x-www-form-urlencoded is a common format for forms. raw can be used to upload JSON data

14. The format of the returned data, Pretty can see the formatted JSON, Raw is the unprocessed data, Preview can preview the HTML page

15. Click here to save the request to a location of 2

16. Set environment variables and global variables, click the x on the right to quickly view the current variables.

17. The result of the test execution, a total of several tests, passed several.

This interface is the main content of the free version. Compared with other API testing tools, it is easy enough to use. If you want to use automated testing, you need to buy Jetpacks for $9.99. If you don't want to buy it temporarily, you can try the Team version of Postman . Now it is free to try, not only has the function of Jetpacks, but also can synchronize Collection with other accounts.

2. Testing tools

The test tool mainly consists of three parts, the Pre-request that runs before the request is initiated, the Test that runs after the response is received, and the Collection Runner that runs all requests at once

1. Pre-request

The writing interface of Pre-request is as follows:

The language used for Pre-request and Test is JavaScript, Postman executes the code in a sandbox, and the libraries and functions provided to the user can be viewed here . The commonly used functions can be implemented through the Code Snippets on the right, and click to insert into the code area.

You can see that there are two commonly used functions in Pre-request, setting environment variables and setting global variables. The pre-request of this request is to generate a string as a random username before registration.

postman.setEnvironmentVariable("random_username", ("0000" + (Math.random()*Math.pow(36,4) << 0).toString(36)).slice(-4));

Other uses include getting the current timestamp and putting it in the parameter before making the request:

postman.setEnvironmentVariable("unixtime_now", Math.round(new Date().getTime()/1000));

Of course, it can also be used to generate a check string. In short, anything that needs to be manually modified before sending a request can be automatically implemented with scripts.

2. Test

The writing interface of Test is as follows:

Compared with Pre-request, Test's Snippets are much richer, such as checking status codes, checking response strings, validating JSON, checking headers, and limiting response time.

If you need to save the data responded by the server and use it in subsequent requests, you also need to do this in this step.

In the Test in the figure, I first checked that the status code is 200, then parsed the returned JSON, and set the token in the environment variable to the token in the JSON.

3. Collection Runner

After writing a lot of tests, you can use the Collection Runner to automatically run the entire Collection. The entry is on the Runner on the top line of the main interface. Select Collection, Environment, and load JSON and CSV as data sources if necessary. Click Start Test Run to see the results.

Here you can see that a total of 5 requests have been initiated, and each request has a Test and all Passes. (Although the return of the last request is 403, the expected return value of this request is 403, so it is also Pass)

3. Examples

Finally, take a complete look at the routine I use. This example is a very simple small system. Users can register and log in, and then create a new recharge card in the system and recharge this card. The whole process is as follows:

1. Registration

Generate a random string as username and nickname

postman.setEnvironmentVariable("random_username", ("0000" + (Math.random()*Math.pow(36,4) << 0).toString(36)).slice(-4));

make a request

POST /index.php/users HTTP/1.1
Host: postmanexample.sinaapp.com
Cache-Control: no-cache
Postman-Token: 76791813-aac2-71fb-cad4-3e737f37c4d0
Content-Type: application/x-www-form-urlencoded

username=2mjk&password=123456&nickname=2mjk

Run tests, check results

tests["Status code is 201"] = responseCode.code === 201;

2. Login

Directly use the environment variable just generated to initiate the request

POST /index.php/authentication HTTP/1.1
Host: postmanexample.sinaapp.com
Cache-Control: no-cache
Postman-Token: aac7d0ac-e0e3-ecf2-39da-b8dca672e3d7
Content-Type: application/x-www-form-urlencoded

username=2mjk&password=123456

Run the test, check the results, and log the returned token

tests["Status code is 200"] = responseCode.code === 200;

var data = JSON.parse(responseBody);
postman.setEnvironmentVariable("token", data.token);

3. Add a card

First generate a card number and card name

postman.setEnvironmentVariable("random_cardno", Math.round(Math.random()*9999999));

postman.setEnvironmentVariable("random_cardname", ("0000" + (Math.random()*Math.pow(36,4) << 0).toString(36)).slice(-4));

Then initiate a request. Here, the Token obtained just now is called, and it is placed in the custom field of the header as authentication (SAE cannot use the field of Authorization, I don’t know why)

POST /index.php/cards HTTP/1.1
Host: postmanexample.sinaapp.com
X-Authorization: d4c4a0b7b36c73e7a13b7e24a596093b
Cache-Control: no-cache
Postman-Token: d44d573f-f17a-366c-2cd7-1d5b8b709233
Content-Type: application/x-www-form-urlencoded

cardno=1385526&desc=2mo8

run the test

tests["Status code is 200"] = responseCode.code === 200;

4. Query the card just generated

Initiate a request and call the card number just generated

GET /index.php/cards/1385526 HTTP/1.1
Host: postmanexample.sinaapp.com
Cache-Control: no-cache
Postman-Token: 1e5aca57-c3bb-7404-2791-c639cd60b5c8

Run the verification, compare it with the card name just generated, and record the ID of the new card

var data = JSON.parse(responseBody);
tests["check cardname"] = data.desc === environment.random_cardname;

postman.setEnvironmentVariable("new_card_id", data.id);

5. Top up

Initiate the request, using the new card ID just obtained

POST /index.php/deposit HTTP/1.1
Host: postmanexample.sinaapp.com
X-Authorization: d4c4a0b7b36c73e7a13b7e24a596093b
Cache-Control: no-cache
Postman-Token: 388c95e0-b5ce-9bbf-5816-084db7523384
Content-Type: application/x-www-form-urlencoded

cardid=1&amount=10

Run verification (because it is a newly created user, there is no balance, and the card cannot be recharged, so 403 Forbidden is returned)

tests["Status code is 403"] = responseCode.code === 403;

PS postmanexample.sinaapp.comThis website is real, you can import the Collection( https://www.getpostman.com/collections/96b64a7c604072e1e4ee) I uploaded to your own Postman, and set the environment variable urlto http://postmanexample.sinaapp.com/index.php, then you can run the Collection to see the effect.