Interface concept
1. What is an interface --- a channel for transferring data
Interface test: It is a test for testing the interface between system components.
The interface mainly includes: the interface between modules in the same system/front-end and front-end interfaces , and the other is cross-system platform docking ( internal interface , external interface)
PS: It belongs to the black box test (functional test), the front-end or the middle part
Principle: simulate the client to send a request to the server, there is no page
1.1 Server Architecture
Test shift left: Intervene as early as possible --- code completes the function, go to test --- interface test a point
Shift testing to the right: ensure the correct operation of the product after it goes online, and establish a mechanism so that online bugs can be discovered and dealt with as early as possible or before users
1.2 Interface test: request url+parameters/conditions, implemented by tools/code
2. Interface classification - --The addresses that the functional modules can access externally
1) Classification of interfaces:
internal interface: login interface registration interface query interface
external interface: login interface (third party) payment interface --- calls between products
2) Common interface types/protocols
HTTP type/protocol: Get data through GET or POST, which is more efficient in data processing
Webservice type/protocol: Obtain data through the soap protocol, which handles more complex data types than http, and is essentially the http protocol [ Websocket dubbo type → expand later ]
3) HTTP common interface request methods: get, post
The difference between the two: WeChat subscription number https://www.cnblogs.com/zymnstlm/p/9479634.html
3. Why do interface tests
1) The complexity of today's systems continues to rise, the cost of traditional testing methods increases sharply and the test efficiency drops sharply, interface testing can provide a solution in this case
2) Interface testing is relatively easy to achieve automated continuous integration, and is relatively stable compared to UI automation, which can reduce labor costs and time for manual regression testing, shorten the test cycle, and support the rapid release of back-end requirements. Why can interface continuous integration be low- cost The source of high returns.
3) Many systems now have separate front-end and back-end architectures. From a security perspective:
①Relying only on the front-end for restrictions can no longer meet the security requirements of the system (it is too easy to bypass the front-end), and the back-end needs to be controlled as well. Here In this case, it is necessary to verify from the interface level
②Whether information such as front-end and back-end transmission, log printing, etc. is encrypted and transmitted also needs to be verified, especially when it involves the user's private information, such as ID card, bank card
4 How to view the interface
- Requirements Documentation: What You Must Learn and Master
- Packet capture: F12 OR fiddler
5 common HTTP status codes: 14 common HTTP status codes returned by the server
200 (Normal) : Indicates that everything is normal, the server has arrived, and the server has responded to your request normally
302 (temporary redirection): Indicates that the requested document has been temporarily moved elsewhere, and the new URL of this document is given in the Location response header
304 (unmodified): Indicates that the version cached by the client is the latest, and the client should continue to use it, such as: front-end Js --- performance testing
403 (Forbidden): The server understood the client request, but refused to process it. Usually due to permission settings for files or directories on the server
404 (not found) : The resource requested by the client does not exist on the server --not found address error
500 (Internal Server Error): The server's CGI, ASO, JSP and other programs have errors
504: timeout
- Interface document analysis
1. Interface testing process/step---how to do interface testing?
1) Obtain and analyze interface requirements
2) Write interface test cases & review test cases
3) Project environment deployment ( if required by the company )
4) Execute testing & tool selection
5) Submit bugs and follow up
6) The interface test report needs to be sorted out separately ( the company will do it if required )
Knowledge reserve :
- Software Testing Fundamentals: Writing Use Cases/Designing Methods
- Linux command---view log
- Tomcat framework --- view logs
- Database knowledge/observe the data flow in the data table---analyze the business
- Mastery of interface concepts
- Mastery of tools: browser/plug-in/Jmeter/soapui principle and specific operation steps
- Analytical ability: demand business/log analysis
2. Obtain and analyze interface requirements
2.1 Obtain interface requirements ,
1) Development and provision of interface documents
2) Obtain (front-end interface) through the packet capture tool fiddler or F12, and find the developer to confirm
2.2 Analyze the interface content ---Qianchengdai interface document v1.3 as an example, the developer provides
1) revision record table: version record; accountability; Convenient management --- look at the company
2) Interface overview: how to compose, contain content, return results, request results
①Interface URL format: http://ip:port/futureloan/apiName --port port number is generally 1-65535
②Request header ( Note: The request header marked in red font must be set )
Common http requests: 7 common http requests - zhouwenfan - Blog Garden
③Response body: a json object, including three fields: code, msg, and data
Ps: request body: request header response header response body (response content/response message-response)
④Universal return code/error code comparison table: code=0 means success, code>0 means failure --- see development
⑤Interface token authentication
3) Interface Description: Detailed description of the interface of each function
Note: Json: { “ user_name ”:”xxx”,” pwd ”:”123666” }
xml标签:<user_name>xxx</user_name>
<pwd>123666</pwd>
Use cases include: serial number , interface module , use case title , request header, request method (Get/Post) , interface address, parameter input , expected return result , database result, actual result, remarks
Interface document special data type:
- string string ""
- int integer
- float floating point number
- [1,2,3,4] list
- {“age”:18,”title”:ceo} Dictionary!--json
- jmetertools
- Introduction to interface testing tools
Firefox plug-ins ---http requester --- plug-ins are no longer maintained, many cannot be used
Chrome plugin --- Postman --- used a lot
Soapui --- less used
Jmeter --- used a lot, focus on explaining performance testing
Loadrunner --- performance testing --- interface
Code implementation [later--Python video/Java for 0.02 yuan]--python preschool class
Browser: http request get request method
- Detailed explanation of the basic use of Jmeter
1) Commonly used test components
Test Plan: default
Thread group: number of concurrent users, concurrent time, number of request cycles
Sampler: more commonly used HTTP request, JDBC Request, soap/websrvice
Listener: view tree results
Configuration elements: http request default value, HTTP header manager, JDBC Connection Configuration
assertion: response assertion. By comparing the response data returned by the server, determine whether the request is successful
Parameterization: User Defined Parameters, CVS Data Set Config, Function Parameterization
Association: Post-processor: regular expression, json expression
2) Supplementary knowledge: content-type
Data transfer format:
Json: {key-value pair}
{“mobile_phone”:”1886666888”,”password”:”lemon123456”}
xml: a pair of tags to wrap the data passed
<mobile_phone>1886666888</mobile_phone>
<password>lemon123456</password>
form form: application/x-www-form-urlencoded
ZenTao submitted a bug [later packet capture demo + script demo]
- Three ways of parameterization (must ask)
${variable name}
① Configuration element: user-defined variable
② Configuration component: CSV Data Config
③ The function in the function assistant obtains the parameter value _Random function_RandomString function
For example: y=a+b to find a, the value of b can be (0,8) (1,7) (2,6) (3,5 ) (4,4)
2) Additional understanding:
① How to set the number of cycles
② Design test cases and test points according to parameterization
- associate
Association concept: two requests, the response result of the previous request is passed in as the parameter of the next request
The scenario of associated operation: the parameter value of the next request is changed
Association method: The association in Jmeter is to obtain data through "add-post processor" and pass it to the subsequent request for use
①Regular expression extractor
②json extractor
Note: The post-processor is placed in the sub-level of the request , and the data is generally extracted from the response data of "View Result Tree"
4.1 Regular Expression Extractor
1) Response fields to check: Sample data source
2) Reference name: customizable settings, reference method: ${reference name}
3) Regular expression: data extractor, the values in () brackets are the values you want to get. common properties (.*?)
4) Template: $$ corresponds to the regular expression extractor type,
$1$$2$:{“token_type”:”(.*)”, “expires_in”:”(.*)”, “token”:”(.* )”}}
→ Matching numbers: -1 means all, 0 is old, 1 is the first, 2 is the second, and so on, generally write 1
→ Default value: the default value when the match fails, you can leave it blank
4.2 Regular expressions
Concept: an expression for matching content, *.log==help me match all files with .log suffix
How to judge whether your regular expression is correct, you can check it online: Online regular expression test
Baidu: 30 minutes to get started with regular expressions
Extracurricular knowledge:
Open the tool → function assistant dialog box → select the function RandomString (you can click the help to select the query you need) → length select the name length, generation type → generate a string and copy it into the value
Json Path Tester → Json Path Expression → Enter $.(what you need in {})
http request → add post-processor → Json extractor → get the value from the request response result → you can add a sampler Debug Sampler (debug sampler) by viewing the result tree/thread group → run --- only applicable to Json format
Regular expressions
refer to the regular expressions of mobile phone numbers: regular expressions of mobile phone numbers
- Json extractor
1) Response fields to check: Sample data source
2) Reference name: customizable settings, reference method: ${reference name}
3) JSON path expression: http://lemfix.com/topocs/63
4) Matching numbers: -1 means all, 0 is old, 1 is the first, 2 is the second, and so on, generally write 1
5) Default value: the default value when the matching fails, you can leave it blank
- Jemter Affirmation
By adding → Assertion → Response assertion; you also need to listener → Assertion result to check whether the assertion result is correct after execution
If the request is successful, the structure of the assertion result will be displayed normally, otherwise an error will be reported and displayed in red
Jmeter uses
1. Configure jmete
①Add thread group
② Configure http request (you can set the default request in the thread group)
③ Add view results (available in json format)
think:
- When to do interface testing
- Why do interface testing
- Interface Test Principle
- The front-end interface has come out and has been tested through the front-end interface. Does the back-end interface still need to be tested?
- After completing the interface test, do we still need to do the front-end function test?
- Which stage of execution does interface testing generally belong to? integration, system
Answer:
- 1) Only when the project requires interface testing, if there is no requirement, it can not be done.
- After the general back-end interface is developed, we can intervene as early as possible for testing
- 1) Improve efficiency and reduce costs
2) Safety
3) The interface is relatively stable - Simulate the client sending a request to the server
- After the front-end test is completed, the back-end needs to be interface tested (from the perspective of security)
- After completing the interface test, you need to do the front-end function test
1) Verify the correctness of the front-end function buttons (UI, URL, drop-down box, etc.)
2) Page input restrictions
3) Whether the front-end submits data to the server
6. It belongs to integration and system stage