The interfaces discussed in this article are service-level interfaces, not code-level interfaces.

what is an interface

Before discussing why to do interface testing, we can understand a little bit about what an interface is?

The interface can be very inaccurately understood as dealing with resources, and the resources may belong to this system or other systems.

For example, if we are developing a bug management system, the system needs to get the information of all developers and testers in the company, so that developers and testers can log in without registering, which should be well understood.

So where is the information about these people stored? Generally stored in the hr system. Now the requirements are more clear, we have to go to the hr system to get personnel information and obtain personnel resources in the hr system.

How to get it? There are many ways to directly copy a copy of the database of the hr system and put it into the bug management system, but this is not good, because the synchronization of the data will be a bit troublesome; you can also directly check the database of the hr system, which is not very good. , so we need to understand the data storage structure and logic of the hr system. Once the data fields of the hr system change, the bug management system also needs to go there for synchronization.

A better practice is that the hr system exposes some interfaces through which personnel information resources can be obtained, so that the bug system does not need to care about the data storage implementation of the hr system.

These interfaces might look like this:

  • The login interface provides the user name and password of the person, and goes to the hr system to determine whether the person exists. If there is a verification user name and password, if the verification is passed, it will return a token, which is the pass of the person. Through the token, you can log in to bug management system;
  • The interface for obtaining personnel information, returning the position of the person: testing or development, as well as user name, nickname and other information;

To sum up: the interface can be understood as a way of resource exchange between different systems or modules;

Interface testing is actually black box testing

As a black box test, the basic test idea is to judge the logic of the system or object under test through the input and output.

To get the information of the person, I need to pass the user name of the person to the hr system interface, so that the interface of the hr system will return some more specific information to my user. Here the input is the username and the output is the user's details.

Why do interface testing

Since it is the way to obtain and operate resources through the interface, in most systems and products, resources are generally the core of the product. For example, the core resources of WeChat are the address book relationship chain and chat records, etc., so resources must be tested.

In addition, most of the content in the interface is data. Through the comparison of the data, we can infer the logic of the system and the product. The test interface is the test logic.

The return in the final interface is relatively simple. Unlike web pages, there are too many UI things in the html code. The UI is the most unstable and changes too fast. The interface is relatively stable, but there is less interference information in it, and the assertion is relatively easy. .

How to write interface test cases

Or the 3A principle:

  • A: arrange initializes the test data, which is to create the data. The data here includes the data we input and the resources involved in the target interface, such as the user information in the hr system. We must have the detailed information of several personnel before we can test and obtain it. The interface of personnel information (of course, it is just a normal process, we sometimes need to clear the data to test the situation when the resource is empty);

  • A: act calls the interface and passes in the input data;

  • A: assert assertion, assert the returned resource information. For example, after the interface for obtaining user information returns the user information, we need to determine whether the returned user is the user we want. What we obtain is the information of Li Lei, the interface If Han Meimei is returned, the logic of the interface is wrong;

 

What are common

Interface test cases between services

The interface test between services is actually a black box test, and the 3A principles are also applicable to the writing of such test cases

  • A: arrange initializes the test data, which is to create the data. The data here includes the data we input and the resources involved in the target interface, such as the user information in the hr system. We must have the detailed information of several personnel before we can test and obtain it. The interface of personnel information (of course, it is just a normal process, we sometimes need to clear the data to test the situation when the resource is empty);
  • A: act calls the interface and passes in the input data;
  • A: assert assertion, assert the returned resource information. For example, after the interface for obtaining user information returns the user information, we need to determine whether the returned user is the user we want. What we obtain is the information of Li Lei, the interface If Han Meimei is returned, the logic of the interface is wrong;

For example (python)

def test_get_task_by_id(self):
# arrange create_task_res = self.create_task('test', 'desc') new_id = create_task_res['id'] # act url_for_get_by_id = self.ip + '/api/tasks/' + str(new_id) res = requests.request("GET", url_for_get_by_id).json() # assert self.assertEqual(res['id'], new_id)

 

Interface

  • Ctrip booking air tickets, the information of air tickets is generally obtained through the interface of major airlines;

  • Taobao's logistics information, generally Taobao's logistics information is obtained through the interface of each logistics company;

  • The third-party Weibo client, the personal user's Weibo and other information are obtained through the Weibo interface;

Common interface testing tools

  • postman : Recommended. Basic functions are free. The simplest debugging and testing tool based on http interface;
  • jmeter : The post-processor and assertion can basically meet the requirements of interface testing, that is, the test report needs to be developed for the second time
  • Code it yourself: Recommended. With a similar xunit test framework, it can basically meet all needs;
  • soapui : chargeable;
  • insomnia : Strongly recommended. The weakened version of postman, the basic functions are free, the important thing is that the tool code is open source, you can change it yourself;
  • paw : Strongly recommended. The strongest on mac, Taobao seems to be a hundred dollars to buy an authorization;

Interface test interview question original picture

reference answer

1

Tps is throughput, transaction per second.

The decrease in throughput may be due to frequent access to redis, and the reason for frequent access to redis is that there are too many parameters. The solution is easy to think of: reduce parameters.

We can turn multiple sets of parameters into one parameter such as a json string, so as to achieve the effect of not reducing the amount of information and reducing the number of parameters.

2

Symmetric encryption: Both parties of the information exchange use the same key to encrypt and decrypt, just like opening a lock with the same key

Asymmetric encryption

Public-key cryptography, also known as asymmetric cryptography, is an algorithm in cryptography that requires two keys, a public key and a Private key; when one is used for encryption, the other is used for decryption. The ciphertext obtained by encrypting the plaintext with one of the keys can only be decrypted with the corresponding other key to obtain the original plaintext; even the key originally used for encryption cannot be used for decryption. Since encryption and decryption require two different keys, it is called asymmetric encryption; it is different from symmetric encryption, which uses the same key for both encryption and decryption. Although two keys are mathematically related, if you know one of them, you cannot calculate the other based on it; therefore, one of them can be made public, called the public key, and released arbitrarily; the undisclosed key is the private key , must be kept strictly secret by the user, never be provided to anyone by any means, and will not be disclosed to the other party to communicate, even if he is trusted.

Based on the characteristics of public key encryption, it also provides the function of digital signature, so that electronic documents can be obtained as if they were signed by hand on paper documents.

How to test: slightly

3

The collaboration between UI and interface testing can be considered from the following directions

  • The operation of the UI is actually to call the interface in another way, so how many parameter combinations the interface has will require the UI use case to construct how many operations to call
  • The data required for UI operations can be generated using the interface
  • Interface testing can ensure the accuracy of data and logic, and UI testing needs to consider the logical correctness of interaction and interface display
  • UI testing needs to pay attention to the presentation method and user experience of the UI when the interface call is unsuccessful or the interface is abnormal
  • There may be some state cache information in the UI (so that you do not need to call the interface frequently to get it), such as authentication information, etc., you need to focus on the update strategy of these caches

4

The data dependency of the upstream and downstream interfaces is nothing more than preparing test data.

If a transaction needs to call three interfaces in sequence, ABC, C depend on AB, and AB has data dependencies, then you need to prepare the data of A and B.

There are generally two ways to generate data

  • Dynamic method: If B relies on data created by A, then A must be executed to create data before each execution of B

  • Static method: independent and unified test database, the data needed by ABC can be obtained from the library

5

If you rely on a third party to mock it, you can write your own mock server

6

Depending on the login state, the login interface needs to be called before each test of the interface

If it is a token based auth such as jwt, it is enough to provide a token every time the interface is called

7

I don't know, I feel that the understanding of the questioner may be a bit biased.

8

The modified interface, that is, the update interface generally only needs to pass: the updated field and the primary key of the updated entity, such as id.

This is common sense in development. If you have studied the jsonapi specification, you can directly apply the design of jsonapi to explain.

9

swagger documentation can solve this problem.

10

Can't see clearly.

Summarize

The topic involves some development knowledge points, which is normal. Now, the development foundation is generally also examined during the test interview.

In general, the questions are not too difficult, and I hope these answers will be helpful to everyone.