Introduction:
An API is a code providing an interface between two applications using routines, protocols, and tools that help the applications communicate with each other by acting as an intermediary. In addition, they ensure the security of the information transferred through encryption, user management, authentication, and other security measures. Thus assuring the legitimacy of all parties involved in the exchange. They also standardize access and remove any dependency on the application’s technical aspects as APIs can integrate two applications regardless of the language, machine, operating system, or mobile device they are written in. APIs also allow you to build apps that connect several apps and bring the functionality of all the apps onto a single interface.
What is Validations in API Testing?
API validation is the process of checking to see if an API meets certain requirements for how it works, how well it performs, how safe it is, and other things. It is an important part of developing software because it helps make sure that an API meets the needs of its users and works as expected.
API Validation classification
Example: User sends POST request with valid request body.
Scenario: Verify POST request to post data into program module with valid base URL and valid data
Given User sets request for Program module with valid base URL and valid request body
When User sends POST request with valid data
Then Request should be successful with status code "201" for POST request
Step Definition:
@Given("User sets request for Program Module with valid base URL and valid request body")
public void user_sets_request_for_program_module_with_valid_base_url_and_valid_request_body() {
this.uri = Config.PostProgram_URL;
this.request = RestAssured.given().header("Content-Type", "application/json");
logger.info("Request set for Program module with valid base URL and valid data");
}
@When("User sends POST request with valid data")
public void user_sends_post_request_with_valid_data() {
HashMap data = new HashMap();
data.put("studentName", "John");
data.put("programName", "Business Analytics");
data.put("programType", "Geaduate");
data.put("location", "Boston");
response = this.request.body(data).when().post(this.uri).then().log().all().extract().response();
logger.info("Post request sent with valid data");
}
Performing Validations:
1) Status Code Validation:
Every HTTP Response received as a result of an HTTP request sent by the client to the server has a status code. This status code value tells us if HTTP Response was successful or not. If the request was successful, the server sends the status code in the range of 200-299. If the request was not successful, then the status code other than the range is returned.
@Then("Request should be successful with status code {string} for POST request")
public void request_should_be_successful_with_status_code_for_post_request(String statuscode) {
int Poststatuscode = response.getStatusCode();
if (Poststatuscode == 201) {
response.then().statusCode(Integer.parseInt(statuscode));
logger.info("Post Request Successful");
}
2)Status Line Validation:
A "Status-Line" is the first line returned in the HTTP response. The status line consists of three substrings:
Ex- HTTP/1.1 200 OK
HTTP protocol version.
Status Code.
Status Code’s string value.
@Then("Request should be successful with status Line{string} for POST request")
public void request_should_be_successful_with_status_line_for_post_request(String statusline) {
String Poststatusline = response.getStatusLine();
if (Poststatusline == HTTP/1.1 201 CREATED) {
response.then().statusLine(statusline);
logger.info("Post Request Successful");
}
3.Response Body Validation:
The response body contains the requested information in the format specified by the Accept field in the request header. For JSON, the body is typically an object or an array of objects.
@Then("Request should be successful with status Line{string} for POST request")
public void request_should_be_successful_with_status_line_for_post_request() {
response.then().assertThat().body("studentName", Matchers.equalTo("John"));
response.then().assertThat().body("programName", Matchers.equalTo("Business Analytics"));
response.then().assertThat().body("programType", Matchers.equalTo("Graduate"));
response.then().assertThat().body("Location", Matchers.equalTo("Boston"));
logger.info("Post Request Successful");
}
4.Header Validation:
HTTP Headers are an important part of the API request and response as they represent the meta-data associated with the API request and response. Headers carry information for: Request and Response Body. Request Authorization. Response Caching.
@Then("Request should be successful with status Line{string} for POST request")
public void request_should_be_successful_with_status_line_for_post_request() {
response.then().assertThat().header("Connection", "keep-alive");
response.then().assertThat().header("Content-Type" , "application/json");
logger.info("Post Request Successful");
}
5.Cookies Validation:
Cookie Testing is defined as a Software Testing type that checks Cookie created in your web browser. A cookie is a small piece of information that is stored in a text file on user’s (client) hard drive by the web server. This piece of information is then sent back to the server each time the browser requests a page from the server. Usually, cookie contains personalized user data or information that is used to communicate between different web pages.
@Then("Request should be successful with status Line{string} for POST request")
public void request_should_be_successful_with_status_line_for_post_request() {
response.then().assertThat().cookie("token", "notNullValue");
logger.info("Post Request Successful");
}
6.Json Schema Validation:
JSON Schema is a JSON-based format for defining the structure of JSON data. It provides a contract for what JSON data is required for a given application and how to interact with it. It can be used for validation, documentation, hyperlink navigation, and interaction control of JSON data. The schema can be defined in a JSON file, and be loaded into your code or it can be directly created in the code.
Sample Json request body:
{"studentName" : "John",
"programName" : "Business Analytics",
"programType" : "Graduate",
"Location" : "Boston"
}
Json Schema generated for the above request body
Json schema can generated using any online json schema convertor. We have to copy our request body and paste in the json schema convertor and click convert.
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"studentName": {
"type": "string"
},
"programName": {
"type": "string"
},
"programType": {
"type": "string"
},
"Location": {
"type": "string"
}
},
"required": [
"studentName",
"programName",
"programType",
"Location"
]
}
After getting the required schema, we have to create a Json schema file with the extension .json in src/test/resources and paste the schema data into it and have it saved
@Then("Request should be successful with status Line{string} for POST request")
public void request_should_be_successful_with_status_line_for_post_request() {
response.then().assertThat()
.body(JsonSchemaValidator.matchesJsonSchema
(new File("./src/test/resources/JsonSchemas/POSTProgram.json")));
logger.info("Post Request Successful");
}
Conclusion:
API validation is a very important part of the development process, as it can help catch errors early on. It is also good practice to perform regular validation checks during the API lifecycle, in case any changes have been made that break the contract.