1. What is interface testing?
Interface testing is a type of testing that tests the interface between system components. Interface testing is mainly used to detect the interaction points between the external system and the system and between the various internal subsystems. The focus of the test is to check the data exchange, transfer and control management process, as well as the mutual logical dependencies between systems.
2. Why do interface testing ?
1. Interface testing is relatively easy to achieve automated continuous integration, and is relatively stable compared to UI automation, which can reduce labor costs and time for manual regression testing, shorten the testing cycle, and support the need for rapid back-end release.
2. From the perspective of security: only relying on the front-end for restrictions can no longer meet the security requirements of the system (it is too easy to bypass the front), and the back-end needs to be controlled as well. In this case, it needs to be verified from the interface level. . Secondly, it is also necessary to verify whether the information such as front-end and back-end transmission, log printing and other information is encrypted and transmitted, especially involving the user's private information, such as ID cards, bank cards, etc.
Having said so much, how to design interface test cases? When designing test cases, these 9 aspects can be considered:
1. Basic functional test (business test):
The business process rules and usage scenarios of each interface must be clear, and use cases that conform to the business logic and interface usage scenarios must be designed. Ensure that the basic functions of each interface are normal
2. Boundary analysis test:
On the basis of basic functions, the influence of input and output parameters is considered. The main methods used are equivalence class division and boundary value methods.
Override all parameters
Combining optional parameters
Whether or not the parameter is empty
Order, number, and type of parameters
parameter value type value size and range of input parameters
Parameter string length
parameter contains special characters
3. Combination test of parameters:
Based on the above-mentioned boundary values, various combinations of input conditions and mutual constraints between input conditions are considered, and as many combinations of parameters as possible are covered.
4. Abnormal situation test
Whether the interface implementation handles all exceptions, some internal exceptions are not necessarily caused by the input data, but may be caused by other logic, the program needs to handle any exceptions, for example: an interface needs to log in first Get the session, if you directly call this interface, it should give a corresponding prompt, whether to prompt the login failure.
5. Repeatedly submit the power level test of the interface
To put it simply, it is time to test for the situation of continuous repeated submission, especially in the scenario involving transaction amount, it is necessary to verify how the software handles it.
6. Multi-user concurrent testing
That is, when two or more users operate the same scene at the same time, it may lead to competition for resources, deadlock and other phenomena.
7. Transactional testing
This is for a business process with multiple operation steps. If one operation fails, the entire operation needs to be rolled back, or the reverse interface of the previous interface is called to cancel the operation.
8. Test when large data volume
It is the efficiency of adding, deleting, modifying, and querying the database when there are many database data, such as millions of levels.
9. Anomaly testing of the environment
When the related system is down, the request times out, or there is no response, the interface must return the correct prompt information, the business logic must be correct, and the business logic must not be inconsistent.
Well, after designing the test case, it is necessary to execute the test and verify the correctness of the test result. Here are some aspects that need to be paid attention to in the test verification point:
A. The interface returns data
a) Whether the hierarchical relationship of the returned json data is consistent with the document, and the structure of the data returned in the json format cannot be inconsistent with the document, otherwise there will be problems in the data display when the front-end data or other system call interfaces are used. Note: The data returned by the interface is in json format, and the data is general and applicable to any system.
b) Numerical type data : especially the amount, whether negative numbers and decimals are converted to json and output correctly
c) The data returned by the interface is consistent with the interface documentation
d) The data returned by the interface is consistent with the database
e) The data returned by the interface conforms to the business logic (such as the transfer function, deducting money from one account, and adding the corresponding amount in the other)
f) For lists, it should be based on the request parameters, and it should also verify whether the length of the list is consistent with the expected value
g) Negative test cases, should verify that ERROR INFO matches actual
B. database
a) Consistency between the incoming data of the interface and the data inserted into the DB:
b) When a front-end operation involves multiple tables in the back-end DB, each table must be checked for data correctness.
C. Security level:
a) When the data returned by the back-end interface to the front-end contains sensitive information (such as name, ID number, card number, mobile phone number, encrypted password, etc.), it cannot be transmitted in plain text and needs to be encrypted.
b) Logging in the background requires that sensitive information cannot be typed out, or desensitized with asterisks and typed out, specifically:
1) ID number, user password (including encrypted), user mobile phone number, user name, bank card number
2) When the ID number desensitization field is birthday, the birthday cannot be printed in the log
D. Performance level:
a) Interface response time: The time for the interface to process data is also a point of concern for testing. Involving the internal is the optimization of algorithms and codes
b) Interface data packet size: The size of the data packet transmitted by the interface also needs to be paid attention to, especially the interface returned to the front end, and the data packet size of different interfaces needs to be limited.
c) Concurrency carrying capacity: The interface can carry the concurrency in the contract when multiple users are concurrent.
3. Common tools for interface testing
1. The use of jmeter
First of all, let's talk about the three points that we often use in scripts, namely checkpoints, associations, and parameterization.
Checkpoint: First of all, the checkpoint of jmeter is implemented with assertion. There is a special checkpoint function in lr, so why use checkpoint? In fact, the function of the checkpoint is to automatically detect whether the business request is really successful, especially when testing the interface, we usually emphasize the success rate of the transaction request, and the tool determines whether the request is successful or not according to the status code returned by the server, as long as It is not 4XX (client request error) or 5XX (server exception) to determine that the request is wrong, but if the login fails, the server will not return the above 4XX and 5XX status codes, then jmeter will consider the request to be successful. Therefore, it is impossible to determine whether the request service needs to be checked by adding a checkpoint to detect whether the request is successful.
Associations: When to use associations? That is, the subsequent request needs to use the dynamically changed value returned by the previous request, otherwise the request will be considered illegal and the server will reject the request. The general associations are roughly divided into two categories, one is the dynamically changing value that the server needs to verify, and the other is the integer of the int type, which is associated with other data parameters in the database, or where in the fill-in request conditions, etc. I won't go into details here.