[Test interview] The book you want, a complete collection of software interface test interview questions (summary) - with answers

Contents: Guide

foreword

1. What is the main purpose of interface testing?

Software testing interview questions: https://www.bilibili.com/video/BV1Lq4y137aR/

Two other questions: the value and significance of interface testing? Why do interface testing?

The main purpose is to verify whether there is any problem with the business logic of the background server, and improve the efficiency of testing.
①The lower the bottom layer is to find bugs, the lower the repair cost.
②When the front-end page is frequently modified, the interface test will not be affected by the change of page elements
. For example, Jingdong shopping, the front-end price cannot be passed in -1 yuan, but
-1 yuan can be passed in through the interface
. ④The complexity of today’s systems continues to rise, and the cost of traditional testing methods has increased sharply. Test efficiency has dropped significantly, and interface automation testing can improve test efficiency
⑤Interface testing is relatively easy to achieve automated continuous integration, and is relatively stable compared to U automation, which can reduce labor, regression testing labor costs and time, and shorten the testing cycle

2. What is the difference between the interface test and the usual Ul test?

In fact, the focus of the two tests is different. Because there is no interface, more consideration is given to the background server for requests, processing logic issues, and business interaction. The test is whether the background "fault tolerance mechanism" is complete;

The ui will pay more attention to the functions of page display, data conversion, interface sorting, and of course the background data processing. The ui test actually includes the interface test. The use cases of system functions are more comprehensive, not only interface, but also business function use cases, as well as use cases of other user scenarios, function entry use cases, process use cases, and interface testing mainly sets use cases according to various input scenarios.

3. Given a new interface, how do you design use cases?

First of all, for each interface to be tested, it is necessary to figure out the function of this interface, what is its function, what protocol is needed to be familiar with this business function, what is the request method, and what are the parameters of the interface.

The role of each parameter must be clarified, such as the type of number, whether there are constraints, whether it is required, length, other restrictions, etc. If there is a relationship between the two parameters, we also need to consider the combination of parameters For scenarios, if you don’t understand the parameters, you will usually communicate with the developer, and then consider the type of returned data, what is the return code and return information in the returned data, and use the above points to refine test points and design use cases.

Parameter constraints - length, required items, format, data type
Business field most - correct business scenario; wrong business scenario; abnormal scenario: insufficient server space
Combined scenario - interdependence: mobile phone and verification code, user name and verification code ;
Mutually exclusive: choose one of the two, of course there are boundary value equivalence classes, etc.

Jmeter test process, the steps are as follows:
create jmeter thread group, add HPPT request-input protocol-domain-port-path-encoding-request method-request parameter-start

Jmeter test process:
first demand, then write test points according to demand and convert them into test cases, write test scripts according to test cases; execute test scripts; submit
BUG, track BUG

4. When will you test the interface?

Generally, it will be done if there is a need. After the background interface is developed, the test can be started. Exceptions, if new requirements are added, interface testing must also be done, and if the development modifies the background interface, and the interaction logic changes, we also need to re-test the interface.

5. How do you check and analyze the interface?

We mainly look at the return value of the interface based on the input parameters. For the return value, I mainly pay attention to several points:
1. Status code;
2. Prompt information;
3. The specific content of the returned data. According to the description of the interface document, check whether these three points meet the interface requirement document;
4. If you want to check the database, connect to the database to obtain data and compare it with the returned data.
If it is not satisfied, there is a problem. If it is satisfied, it will pass. If there is a bug, we will first analyze the reason and retest. If there is still a problem, submit the bug to the development, let the development fix it, and then return to the test

6. How to test the interface that depends on the third party?

1. If a third-party interface is required, the interface document
2. Send the request to the third-party interface, and check whether the data returned
by the third-party interface is correct. The data returned by the three-party interface is incorrect

This third-party interface of our company, we are all connected, such as e-commerce, we call the WeChat interface, etc., are all connected, for example, to test the third payment of the order, we open a store by ourselves, and set up our own payment collection account, and then pass the product design for 1 cent to test.

If we don't get through, we can basically only capture packets, mainly to ensure that the data we send out conforms to the requirements documents, and then before the actual launch, we will do a joint debugging test in the pre-production environment, connect the respective systems together, and do There is no problem with a joint debugging test

We can go live, basically

How is the joint debugging test done?
In fact, the joint debugging test is a data pull-through test. The two subsystems are connected together to form a complete system, and then the data is downloaded from the upstream, and the data is received from the downstream to see if the transmitted data meets the requirements of the downstream system. Then the downstream performs operations. , return the data to the upstream, and notify the upstream that the data has been returned.

The upstream checks whether the returned data meets the requirements. If there is no problem, the data will be pulled through successfully. This is all executed according to the use case. The upstream and downstream will produce a use case together. Both sides have passed the review, and then execute according to the test case. If the use case test passes, then the joint debugging is completed.

7. How does your interface authenticate?

1. Through user and password, auth authentication
2. Through cookie and session
3. Through token
4. Through sign

Now apps are generally authenticated through tokens, some are authenticated by putting tokens in the request header, some are authenticated by putting the field of singn signature in the body, and the general web is authenticated through sessions

8. What is the difference between cookie, session and token?

They are all used for authentication. The difference is like this:
1. Now cookie and session are generally used together. When the user logs in for the first time, the server will create a session to generate a sessionID, and the sessionID is stored in the cookie. Then return to the client and save it in the browser.

Every time the client sends a request, it will bring this value to the server for authentication and session tracking, or time-sensitive verification

2. Token is similar to cookie and session. Through the algorithm, each check will generate a long string of random strings, which are usually placed in the returned body or returned headers. They are all generated by the server. Bringing it over is for verification and aging verification.

Generally, more tokens are used in the app, and more authentication methods using cookies and sessions are used on the web side.

9. How to use JMeter to upload files?

Another way to ask: Have you ever done an interface for file upload, and how to do it specifically?

To test the interface for uploading files, a column for passing request parameters in JMeter's http request component is specially provided for file uploading. There are several contents that need to be filled in, one is the path of the file, and the other is the It will be the parameter name, and the MlME type is the type of the file to be uploaded, so that's it.

10. How does JMeter handle the request parameters that need to be encrypted?

Here first let the development write an encrypted and decrypted jar for us, and JMeter directly calls this jar for encryption and decryption processing

1. First, you need to put the encrypted and decrypted jar package file developed by the development into the lib/ext directory of jmeter
2. There is an add Directory or jar to classpath in the test plan, specify the path of the jar here, and add the required jar package
3. Add Beanshell PreProcessor to the preprocessor of jmeter and then add java code to it.
Specifically:
first import the encryption algorithm class in the encryption package that needs to be used;
if you want to encrypt the request parameters in json format, assemble json format data;
call the function in the encryption class to encrypt the parameter data in json format, if only encrypting a specific parameter, then encrypt that parameter; then save the encrypted data
to a variable of jmeter That's it.
4. Finally, just refer to this variable directly in the message body.

The specific code is as follows:
Jmeter call

import com changfu EncryptAnd Decryptinterface;  #导入加密类
String json_str =
"{
    
    \"Username\":\"amycheno2\"，\"password\"：\"F59BD65F7EDAFB087A81D4DC
AO6c4910\",\"deviceNo\",\"35584806988942\")";				#请求的参数

Call the function in the encryption class to encrypt the request parameters.

String enpost= EncryptAndDecryptinterface.getEncryptPost(json_str);   #将请求参数加密
vars put("enpost"，enpost);			#将加密处理后的数据存到 jmeter变量中

The following is the most complete software test engineer learning knowledge architecture system diagram in 2023 that I compiled