PPL-Tester
Introduction
The http tool set obtains the request and response information of the API through the proxy, and performs traffic playback/convention testing or rapid generation of use cases on these request information. It can also manually modify parameterized extraction, variable references, assertions, etc. to form API automated testing. Use cases and more!
Do you think it’s just traffic replay? Wrong~ Go and take a look at the v2 version!
Look, please remember to give me a star .
project address:
Features
Flowchart (simple ing···)
ps:
1. The author runs Windows exe. Other systems can be packaged by themselves or executed with Python ppl x.
2. The running program needs to be run in the project root directory...
Python3 environment and dependent libraries need to be installed:
pip install -r requirements.txt
1、proxy http
command: ppl.exe f (python ppl.py f)
2023-01-20 10:39:53.628 | INFO | __main__:cmd:37 - run:http flows cat. exit:Ctrl+C
2023-01-20 10:39:53.642 | INFO | utils.flows:cat_mock_load:25 - loaded mock*.json match to will mock!
2023-01-20 10:39:53.644 | INFO | utils.flows:__init__:114 - Proxy server listening at http://0.0.0.0:8888
For basic proxy usage, please refer to the blog post: Click to jump
Official documentation: https://docs.mitmproxy.org/stable
Chinese documentation: https://ptorch.com/docs/10/mitmproxy_introduction
2、mock http response
The response can be mocked!
2.1 Configure config.ini
mock = ON
mock ON :开启mock
mock OFF:关闭mock
mode = ON
mode ON :向远程服务器发送任何数据,且根据mock数据交集返回数据从而响应
mode OFF:不向远程服务器发送任何数据
2.2 Mock file format: mock*.json
2.3 Random parameter reference format: ${faker}
结合 faker 的方法进行随机模式,文档请参考:https://faker.readthedocs.io/en/master/providers/faker.providers.python.html
mock demo:
{
"api/user/info": {
"bool": "${pybool}",
"name": "${name}",
"int": "${pyint}",
"float": "${pyfloat(0,1)}",
"data|1-3": [
{
"name": "${name}"
}
]
}
}
mock demo output
3、http flows replace
request regular replacement supports replacement (headers url body cookie)
replace = {"pattern":"value","pattern1":"value1"}
使用场景:
1.鉴权:将 token 设置为空,如:
replace = {"old token xxx":""}
2.越权:将 token 设置为另用户token,越权又分为①水平越权(同角色)②垂直越权(向上级),如:
replace = {"old token xxx":"new token xxx"}
3.流量转发, 将test环境的前端去访问正式环境的数据(前端问题复现)
{"old host":"new host"}
PS:因前端本就发出 old host 请求,所以前端看到请求还是 old host 但真实是请求到 new host.
4. https certificate expiration detection
config.ini -> check_ssl hosts
check_ssl = app.xxx.com,web.xxx.com
command:
ppl.exe s
5、api playback
5.1 Obtain interface use case collection
Way 1: Fiddler
1. desc/fiddler.txtCopy and paste the text under the project, FiddlerScript
2. Change it to match the configuration of your own business field. It is the absolute path appdirectory of the project. Pay attention to using two handles.\\
Method 2 (recommended): mitmproxy
1. Change config.inithe filtering domain name under the project to the domain name and business field you need to configure. If you fill in db_url, the traffic information will be directly stored in the database. 2. You need to configure a proxy certificate, etc., see the mitmproxy usage documentation
for details.
3. Run
command:
ppl.exe f
The above method 1 and method 2 will get the txt file or directly store it in the database.
If based on method 2 (mitmproxy), configure db_url to directly store traffic for playback testing.
1. You will get: ./data/api-xxx.txt or fiddler-xxx.txt
2. If you need to store the use case into the database, execute the command line:
ppl.exe --play=0
In addition, you may need to configure the database connection ./config.ini.db_url. The default issqlite
mysql:db_url = mysql+pymysql://root:[email protected]:3306/tester?charset=utf8
data migration:ppl.exe --move=new_db_url
5.2 Executing tests
Command line parameter descriptions (some can be configured by default under pytest.ini) are consistent with the pytest framework, and the following parameters are added:
-
–env: Query the use cases of business domain=ppl and environment=test
如:--env=ppl,test -
–param: Append replace the version parameter with 1 or append
如(Windows):--param={\"version\":\"1\"} -
–file: Read all txt files in the app directory for traffic playback. See traffic playback for detailed usage.
如:--file=1 -
–play: Read the txt file for use case storage.
For example: –play=00:读取txt用例入库 1:读取db用例进行回放测试 2:读取txt文件流量回放 3: 读取阿里云日志流量并入库 -
–init: Initialization of db table structure, generally not needed.
For example: –init=1
Method 1: txt file traffic playback
ps:不支持下载/上传文件回放,不要将txt文件换行或格式变化哦(只回放API响应码为200)
1)方式1:默认为app目录下全部txt文件(以下2-3不存在文件时亦是):pytest --file=1
2)方式2:指定app目录下的文件:pytest --file=fiddler_2022-7-31.txt
3)方式3:绝对路径指定文件(注意win下需要\\):pytest --file=E:\\fiddler_2022-7-31.txt
4)方式4:相对路径指定文件:pytest --file=./fiddler_2022-7-31.txt
Method 2: After the use case is stored in the database, execute the db use case test
You need to configure pytest.ini (recommended) or config db before running.
See the 5.6 db or pytest config instructions for details.
Configure pytest.ini to map the function to the db use case to execute the corresponding environment test.
ppl.exe --env=domain,env --param={
\"version\":\"1\"}
ps:Windows可以生成allure报告:ppl.exe r (支持替换变量,存储变量,引用变量,响应断言)
5.3 Introduction to post-processor: http_collect
Parameter extractor, the default is to take the first value (supports extraction of return parameters of response and headers interface)
Please refer to Jsonpath syntax: https://goessner.net/articles/JsonPath
1.Jsonpath is case sensitive
1) Get the value of key:['key'] ----> {'key':'value'}
2) Get the value of key and rename it:[{'key':'name'}] ----> {'name':'value'}
3) Get the value of key and specify the nth one:['key':n] ----> {'key':values[n]}
4) Get the value of key and rename it and specify the nth one:['key':['name',n]] ----> {'name':values[n]}
5) Native Jsonpath syntax:['$.data.key'] ----> {'key':'value'}
6) Native Jsonpath syntax and rename:[{'$.data.key':'name'}] ----> {'name':'value'}
7) Native Jsonpath syntax and specify the nth one:[{'$.data.key':n}] ----> {'key':values[n]}
8) Native Jsonpath syntax and rename and specify the nth one:[{'$.data.key':['name',n]}] ----> {'name':values[n]}
2. Regular expressions
1) Get the value of the regular expression and name it env:[{'re':['env','http://(.+?)/']}] ----> {'env':'value'}
2) Get the value of the regular expression and name it env and take the nth value:[{'re':['env','http://(.+?)/', -1]}] ----> {'name':'value'}
5.4 Introduction to assertion usage: http_assert
1.Jsonpath assertion
1. Characters inside: ["msgId"]
`实际为:assert "msgId" in response.text`
2. The variable is inside: ["${msgId}"]
`实际为:assert "${msgId}" in response.text`
2. Character equality: [{"msgId":"123456"}]
`实际为:assert 123456 == json_path(result.json(), 'msgId')`
3. Characters inside or other: [{"msgId":["123456","in"]}]注:in 可以是== != not in
`assert 123456 in response.get('msgId')`
4.长度:1 == len(response.get('msgId')):[{“msgId”:[1,“len”]}]
`assert 1 == len(response.get('msgId'))`
2. Regular expression assertion
1. Just write the regular expression directly, such as:[{'re':'http://(.+?)/'}]
5.5 Variable reference (parameterized association)
Use this system and follow Faker syntax to quote directly: ${Faker syntax}
Starting with ppl_, it is a custom generated data method
For more information about Faker, please refer to the official documentation: https://faker.readthedocs.io/en/stable/locales/zh_CN.html#faker-providers-address
field data structure and explanation. You can also refer to the code model:
1. Number related:
1) Mobile phone number: ${phone_number}
18520149907
2) ID number: ${ssn}
410622198603154708
2. Time and date related
1) Current date and time: ${ppl_now_datetime}
2022-07-02 12:56:58
2) Current timestamp: ${ppl_time}
1656737818
3) Current date: ${ppl_now_date}
2022-07-02
4) Current time: ${ppl_now_time}
12:56:58
5) Date and time of the past 7 days: ${ppl_datetime(-7)}
2022-06-25 00:00:00
6) Date and time in the next 7 days: ${ppl_datetime(7)}
2022-07-09 23:59:59
7) Random year-month-day: ${date}
1996-03-20
8) Random (hour: minute: second): ${time}
04:52:23
9) Future date and time: ${future_datetime(end_date=+7d)}
2022-07-07 16:01:23
10) Past date and time: ${past_datetime(end_date=-7d)}
2022-06-29 13:29:20
3. Name related:
1) Name: ${name}
王凯
2) Name (female): ${name_female}
戴丽丽
3) Name (male): ${name_male}
刘荣
4)姓:${last_name}
宋
5) Name: ${first_name}
强
4. Address related
1) Address: ${address}
香港特别行政区大冶县上街钟街k座 664713
2) Province: ${province}
河北省
3) City: ${city}
长春县
4) Region: ${district}
白云
5) Street address: ${street_address}
武汉街D座
5.6 db or pytest config instructions
Use pytest.ini.config testeror db config table configuration, just configure one.
It is recommended to use pytest.ini
Account environment configuration
1、pytest.ini 例子(需要压缩json,不可格式化)
[test]
tester = {"gray":"gray","Tester":[{"https://blog.csdn.net":{"url":"/qq_42675140","body":{},"method":"GET","collects":["ppl_cookie"]}},{"http://open-ppl-getaway.com":{"Authorization":"Bearer ","key":"nf9vMghQLyEZkeyxxxxx0ln9klsPz","secretx":"ylJhZzwvaa2NxxxsecretlDtNsJSyMh"}}],"filter_code":{},"filter_path":["/user/logout","/user/login"]}
[test]:表示定义的环境 test,可以多个.
tester:pytest 账号登录/过滤等配置
1) gray:默认gray就好,一般用于AB测试模型则需要配置.
2) Tester:登录获取token或cookie初始化,可配置多个登录信息
collects:表示后置处理器 collect (使用详细查看第三点[后置处理器使用]),用例提取token或cookie作为登录态
3) filter_code:过滤某些接口响应内容,可不写
4) filter_path:过滤某些接口url,一般用于过滤登录及退出登录以免执行测试时影响登录态
2、db config如下例子, 直接复制粘贴保存即可(可格式化):
{
"gray":"gray",
"Tester":[
{
"https://app-xxx.com":{
"url":"/api/user/login",
"json":{
"mobile":18888888888,
"Password":"mVs6NwvIFRgN0aaUo4KZOiW9QZWbKZjqVX1eW9Gr2s4rgZ5atS3ppY39ZlyE37Tb2/zo6YWJV6VJV="
},
"method":"POST",
"collects":[
"clienttoken"
]
}
},
{
"https://web-xxx.com":{
"url":"/api/index.php?r=data/login",
"data":"user=admin&password=4076f862096d1536b6cac6866e386655=",
"method":"POST",
"headers":{
"content-Type":"application/x-www-form-urlencoded"
},
"collects":[
"ppl_cookie"
]
}
}
],
"filter_code":{
"$response_key":[
200,
"200"
]
},
"filter_path":[
"/api/user/logout",
"/api/user/login"
]
}
5.7 mysql and other assertions
To be developed
6. Web page management use cases, etc.
To be developed
7. flows client, integrating the above functions...
To be developed