1. Do interface testing. When there are many request parameters, tps drops significantly. This interface obtains data from redis according to the parameters. Each parameter interacts with redis once. When one set of parameters is tps5133, and the five sets of parameters are tps1169, multiple interactions affect the processing. Performance, please elaborate on how to improve the performance.
Change the get method for obtaining data from redis to mget to reduce the number of interactions.
2. What is the difference between symmetric encryption and asymmetric encryption in the interface encryption test? How to conduct the test? Please explain in detail
Symmetric encryption is the fastest and simplest encryption method. Encryption and decryption use the same secret key. This method is called a symmetric encryption algorithm in cryptography. One of the major drawbacks of symmetric encryption is the management and distribution of keys. In other words, how to get the keys to the people who need to decrypt your messages is a problem. In the process of sending the key, there is a great risk that the key will be intercepted by hackers. The usual practice in reality is to asymmetrically encrypt the symmetric encryption key and then transmit it to those who need it. Asymmetric encryption provides a very secure method for data encryption and decryption. It uses a pair of keys, a public key and a private key. The private key can only be kept safely by one party and cannot be leaked, while the public key can be distributed to anyone who requests it. Asymmetric encryption uses one of this pair of keys to encrypt, and decryption requires the other key. For example, if you request a public key from the bank and the bank sends it to you, and you use the public key to encrypt the message, then only the bank, the holder of the private key, can decrypt your message. Unlike symmetric encryption, the bank does not need to send the private key over the network, so the security is greatly improved. Currently the most commonly used asymmetric encryption algorithm is the RSA algorithm. Test-TBD
3. Please elaborate on how interface testing and UI testing work together in testing activities?
Interface testing and UI testing actually partly overlap. UI testing calls the interface through the interface written on the front end, while interface testing calls the interface directly. Therefore, excluding the logic of front-end processing and the correctness of calls, in theory, interface tests can cover all UI tests. However, in the actual process, if you only cover all business flows at the interface layer and only test the front-end logic on the UI, the final result may be that many original functional points are ignored, resulting in insufficient UI testing. Therefore, when there is a division of labor between multiple people and sufficient time, you can try the interface to cover the full coverage of business flows, otherwise don't try it lightly.
4. During manual interface testing or automated interface testing, how to deal with data dependencies on upstream and downstream interfaces?
In the tool, you can use global variables and other methods to transfer the required data.
5. How to test interfaces that rely on third-party data?
You can use tools such as SoapUI to directly call the webservice of the third-party data interface, and use the return value to check whether the third-party data interface is called normally. You can also use some MOCK tools to simulate third-party data return to minimize dependence on third-party data interfaces.
6. How to test interfaces that rely on login status in interface testing?
The essence of the interface that relies on the login status is that every time a request is sent, a Session or Cookie needs to be brought in order to be sent successfully. The necessary Session or Cookie is added when constructing the POST request.
7. What is the difference between http interface testing and web service interface testing?
There is a difference. The main reason is that traditional ws has a complete set of protocol standards. Among them is the soap protocol, which is used to transmit messages. Taking the traditional industry standard ws return data as an example, the return results need to be packaged in a syntax format specified by the soap protocol. Even if you only need to simply return the character 1, you still need to wrap the return in a protocol. The protocol describes success or failure, the result value, etc. With ordinary get, you output 1 and get the character 1 at the calling end. The difference between web service and http interface is: 1. The methods and required parameters implemented in the interface are clear at a glance. 2. Don’t worry about capitalization. 3. Don’t worry about Chinese urlencode problem. 4. There is no need to declare authentication (account, password) parameters multiple times in the code. 5. The parameters passed can be arrays, objects, etc.
8. When designing interface test cases, the e-commerce system is involved, which includes many modifications, such as products, merchants, stores, etc. Modifications to these data will involve many parameters. Such as the name of the product, the size of the product, the color of the product, etc. So when designing and implementing the "modify" interface, how to determine which parameters to pass? Do I need to pass only the parameters I want to modify, or all parameters?
The key is to look at the background logic implementation. Example: User has two attributes username and password. Background logic implementation: update User set username=? where id=xxx; Then, if you only want to update username, you don’t need to pass password, and its value will remain unchanged. Background logic implementation: udpate User set username=?,password=? where id=xxx; In this case, even if you only want to update username, you need to pass the password value to the background, otherwise the password will be updated to empty. In addition, there are some data such as id, etc. If the sql is not written, the database will not be updated even if the parameters of this field are passed. Therefore, when writing an interface about "modification", you need to consider how the background logic is implemented, and then confirm which parameters to pass.
9. At present, interface documents are managed in word format. Due to the rapid iteration, a lot of documents are generated. It is difficult to distinguish which interfaces are not in use, which interfaces are in use, and which interfaces are updated. The documents are messy. In addition, because Word format management is inconvenient for query, how to manage it? Every time you view the interface document, you need to download multiple words. The download operation cannot be avoided, and the efficiency is not high. How to improve work efficiency?
If it is a webservice, use the WSDL format to view the interface document. If necessary, use some configuration management tools for the previous interface, such as systems like wiki to update the existing interface status in real time.
1) What is API testing?
An API (Application Programming Interface) specifies how certain software components should interact with other components, in other words, it is a set of functions and procedures that allow the creation of applications that access the functionality or data of an application or operating system. The testing of these functions is called API testing.
2) What are the tools used for API testing?
SoapUI Pro Postman/Poster Jmeter Loadrunner
3) What are the common tests performed on APIs? Common tests performed on APIs
Verify that the API is updating any data structures Verify that the API is not returning anything Based on the input conditions, check the return value of the API Verify that the API triggers some other event or calls another API
4) Mention the key difference between UI level testing and API testing?
UI (User Interface) refers to testing the graphical interface such as how users interact with the application, testing application elements such as fonts, images, layouts, etc. UI testing basically focuses on the look and feel of the application. The API can realize communication between two independent software systems. A software system that implements an API contains functions or subroutines that can be executed by another software system
5) Explain what is SOAP?
SOAP stands for Simple Object Access Control, and it is an XML-based protocol for exchanging information between computers.
6) Explain what is REST API?
This is a set of functions for developers to perform requests and receive responses. In REST API, interact via HTTP protocol
REST - stands for State Transfer and is quickly becoming the standard for API creation. See: Best Design Principles for RESTful APIs
7) What is the difference between unit testing and API testing?
8) How to test API?
To test the API, you should follow these steps:
Select the test suite you want to add to the API test cases Select test development mode Develop test cases for the required API methods Configure application control parameters Configure test conditions Configure validation methods Execute API tests View test reports Filter API test cases Serialize API test case
9) When writing an API document, mention the main areas to be considered?
Content Source Documentation Plans or Sketches Published Interface Documentation Information Required for Each Function Automatic Document Creation Procedures
10) Explain in the API documentation how each function is documented? What tools are used for documentation?
Description: A brief description about what functions. Syntax: About the syntax of the code parameters, the order in which they appear, required and optional elements, etc. Parameters: Function parameters Error message: Syntax of error message Example code: Small code snippet Related links: Related functions Popular tools for API documentation are JavaDoc (for Java code) Doxygen (for .Net code)
11) Explain API framework?
The API framework is self-explanatory. Use test runs and save values for configuration files of configurable parts. Automated test cases must be represented in the "parse-table" format in the configuration file. When testing an API, you don't need to test every API, so the configuration file has some section where all APIs are activated for that particular run.
12) How does API Builder work?
API Builder is a PLSQL program consisting of four SQL files
To set the API parameters and start the process, one file is responsible for creating two files for the temporary table and the main package to create the output of the code. A fourth file is created to "spool" the output of the code as a file called "output_script_. sql" file
13) Explain what is TestApi?
TestApi is a library of utilities and testing APIs that allows testers and developers to create test harnesses and automated tests for .NET and Win32 applications. It provides a common set of testing building blocks, types, data structures and algorithms.
14) What is input injection and how is it done differently?
Input injection: The behavior of simulating user input. User input can be simulated in a variety of ways.
Direct method calls Calling using the accessibility interface Simulating using low-level input Simulating using device drivers Simulating using robots
15) What are the main challenges of API testing?
The main challenge in API testing is parameter selection parameter combination call ordering
16) What is API testing using runscope?
Runscope is a web application that provides backend services and an easy-to-use interface to test APIs. (Not used)
17) Explain the principles of API test design?
The principle of API test design is
Installation: Create objects, start services, initialize data, etc. Execution: Execute the steps of the API or scenario, also record logs Validation: Compare the expected results with the actual results Report: View the execution, pass, fail or block Cleanup: Return to the original test state
18) What types of bugs are discovered by API testing?
Missing or duplicated functionality Failure to handle error conditions properly Emphasis on reliability Security Unused flags Not implemented Errors Error handling Inconsistent performance Multi-threading issues Incorrect errors (basically the types of bugs found in other tests)
19) What are the tools used for API test automation?
When testing unit and API testing, it is necessary to locate the source code. If the API method uses .NET-based code, the supported tools should be .NET. Automation tools for API testing can use NUnit for .NET Java's JUnit HP UFT Soap UI (Jmeter in recent years is also very easy to use)
20) Mention the steps for testing API?
API testing steps
Select the test cases that must be satisfied for the API call Develop a test case that satisfies the test case Configure the API parameters Determine how to verify a successful test Execute the API call using a programming language such as PHP or .NET Allow the API call to return data for verification
21) What are the common protocols tested in API testing?
HTTP JMS REST SOAP UDDI
[Full 200 episodes] A collection of super detailed advanced tutorials on automated testing of Python interfaces, truly simulating the actual combat of enterprise projects.