November 7, 2018

Jason Ioannides, API Testing: From Entry Level to a PhD in 40 mins

What an amazing webinar! Today I watched an Association of Software Testing (AST), API Testing: From Entry Level to a PhD in 40 mins with Jason Ioannides. With a name like that, I expected to get a lot of information, but not the level that I actually received!

About the Webinar

From the Webinar Site:

"Have you seen a recent job posting for a Tester or QA Engineer? The majority of job descriptions have some requirement for API Testing experience. That’s how important and in-demand the skills are for testing (let alone automating) an API. What do you do if this is all new to you? What about if you have some experience but are looking to level up? Look no further.

"Jason Ioannides from API Fortress will quickly walk through the basics of what an API is, and then dive into what parts of an API can break, some real world examples, and a list of good practices to add to your checklist. This talk is for everyone from beginners to the more advanced user of Postman/SoapUI/REST-Assured". - API Testing

API Testing: From Entry Level to a PhD in 40mins

The webinar was moderated by Chris Kenst who started taking questions from the internet audience and, ah, I kinda got carried away.

Chris is a volunteer BBST Instructor with the Association for Software Testing(AST), a co-instructor of BBST with Kaner, Fiedler & Associates. (Find out what Chris Kenst is doing now).

About the Speaker

"Jason Ioannides is a native of Brooklyn, and the solution engineer at API Fortress. He is a trained Node and Python developer that graduated from George Washington University. He loves both his dog named Taco, and the food".

Notes on the Webinar

The talk was amazing, giving you a good foundation on what an API is, from the ground level working you all the way up.

For those who don't know, an API is an Application Programming Interface, a content delivery method that focuses on moving data from one place to another, from a database to a microservice. APIs expose the business logic of an app to the outside world... Stuff such as user data, where you can access the the data without needing to get under the hood.

Data can come in many forms:

1. REST/JSON api: JSON is Javascript Object Notation
2. XML/ SOAP: XML: Extensible Markup Language
3. Plaintext
4. GraphQL: Still JSON but Jason thought it was still worth mentioning

"GraphQL is a query language for APIs and a runtime for fulfilling those queries with your existing data. GraphQL provides a complete and understandable description of the data in your API, gives clients the power to ask for exactly what they need and nothing more, makes it easier to evolve APIs over time, and enables powerful developer tools" -
What are the benefits of REST?

  • Browser clients are more supportive of REST, which now makes up 70% of the API environments out there. REST APIs are often more performative, allowing you to serialize and deserialize without taxing the browser.

What is serialization and deserialization in REST?

From Stack Overflow: "JSON is a format that encodes objects in a string. Serialization means to convert an object into that string, and deserialization is its inverse operation.

"When transmitting data or storing them in a file, the data are required to be byte strings, but complex objects are seldom in this format. Serialization can convert these complex objects into byte strings for such use. After the byte strings are transmitted, the receiver will have to recover the original object from the byte string. This is known as deserialization.

"Say, you have an object
{foo: [1, 4, 7, 10], bar: "baz"}
"serializing into JSON will convert it into a string:
which can be stored or sent through wire to anywhere. The receiver can then deserialize this string to get back the original object.
 {foo: [1, 4, 7, 10], bar: "baz"}.

What are the benefits of SOAP?

  • Less required coding in the application layer for security, trust.
  • Greater transaction reliablity (ACID complience)
  • Simpler across frameworks or proxies without modifications to the protocol itself. 
"In computer science, ACID (Atomicity, Consistency, Isolation, Durability) is a set of properties of database transactions intended to guarantee validity even in the event of errors, power failures, etc. In the context of databases, a sequence of database operations that satisfies the ACID properties (and these can be perceived as a single logical operation on the data) is called a transaction. For example, a transfer of funds from one bank account to another, even involving multiple changes such as debiting one account and crediting another, is a single transaction" . - Wikipedia

What happens in an API when it is accessed?

  • Requests go from a Client to a Server. Transffered via HTTP, Hypertext protocol.
  • Once the Client request gets to the server, the server issues a query to the database along with user credentials.
  • The database then passes information back to the server, a response, to the client.

When Things Go Wrong

Jason went through 4 test cases about what API testing can detect.

Rules for API testing:

1. Keep it DRY. Don't repeat yourself. Parameterize data wherever you can. Makes the test more flexible, increasing the work to be leveraged by other teams

2. Make your intensions clear. How am I going to remember what the test is for? How will teammates know what is being tested if you are not available? We don't want to have to redo work. Collaboration has problems when code is not properly documented.

3. Act like the consumer would. Not just the customer... the consumer may be another microservice. Stop creating test cases in a vacuum. Use real user data whenever possible. It is more than just pinging an API and seeing things get returned back.

Many APIs exist in the scope of a system. If a microservice passes data into an API, pass a feed into the API. Simualate the user workflows to find the holes.

4. Eliminate Static Data sources. Data that exists for the purpose of the test. Use live data whenever possible. Cloned instances of databases. If live data is unavailble, use mock responses that match your expected responses. Write a mock server such as Jango for Python. Express for NodeJS.

Thank you, Jason for an excellent presentation!

Happy Testing!

-T.J. Maher
Sr. QA Engineer, Software Engineer in Test
Meetup Organizer, Ministry of Testing - Boston

Twitter | YouTubeLinkedIn | Articles


Riya Raj said...

The way you have presented the blog is really good.... thanks for sharing with us...
Android Training in Chennai
Android Course in Chennai
android development course in chennai
Android training
Android Training in Annanagar
Android training in vadapalani
Digital Marketing Course in Chennai
Python Training in Chennai
Big data training in chennai
JAVA Training in Chennai

anushya said...

I actually found this blog in google and that is amazing one. I enjoyed lot while reading this and it is very easy to understandthe content. keep doing.
German Classes in Bangalore
German Courses in Bangalore
German Language Institute in Bangalore
Hadoop Training in Bangalore
Ethical Hacking Course in Bangalore
Selenium Training in Bangalore
Data Science Training in Bangalore
Best Java Training Institutes in Bangalore
Best AWS Training in Bangalore

Durai Moorthy said...

A very nice post. Thanks for sharing such a piece of valuable information...
AWS Training in Bangalore
RPA Training in Kalyan Nagar
Data Science with Python Training Bangalore
AWS Training in Kalyan Nagar
RPA training in bellandur
AWS Training in bellandur
Marathahalli AWS Training Institues
Kalyan nagar AWS training in institutes
Data Science Training in bellandur
Data Science Training in Kalyan Nagar

jagedheesh kumar said...

I feel satisfied to read your blog, you have been delivering a useful & unique information to our vision.keep blogging.
salesforce Training in Bangalore
uipath Training in Bangalore
blueprism Training in Bangalore

Riya Raj said...

More valuable post!!! Thanks for sharing this great post with us.
JAVA Training in Chennai
Best JAVA Training institute in Chennai
java training center in chennai
Java classes in chennai
java training in Adyar
JAVA Training in Tnagar
Big data training in chennai
Selenium Training in Chennai
Digital Marketing Course in Chennai
Selenium Training in Chennai

vinudevan said...

Thanks for giving excellent Message. Waiting for the next article
DOT NET Training in Chennai
c# training in chennai
dot net classes in chennai
mvc training in chennai
dot net training in T nagar
Html5 Training in Chennai
Spring Training in Chennai
Struts Training in Chennai
Wordpress Training in Chennai
SAS Training in Chennai

arolincy said...

Thank you for your efforts and I am inspiried with your written style.
IELTS Coaching in Chennai
Best IELTS Coaching centres in Chennai
German Language Classes in Chennai
Japanese Language Classes in Chennai
Best Spoken English Classes in Chennai
TOEFL Classes in Chennai
IELTS Coaching in Tnagar
IELTS Coaching in OMR

nisha raj said...

Your post is just outstanding! thanx for such a post,its really going great and great work.
python training in kalyan nagar|python training in marathahalli
selenium training in marathahalli|selenium training in bangalore
devops training in kalyan nagar|devops training in bellandur
phthon training in bangalore

Alisha henderson said...

Hey Found your blog though those carnivals and gotta say you produce some excellent articles. Really liked this one for its list of activities.…some of these are repeats but a number of them are new.
Software testing company

Bhanu Ravi said...

A very nice post. Thanks for sharing such a piece of valuable information...
aws Training in Bangalore
python Training in Bangalore
hadoop Training in Bangalore
angular js Training in Bangalore
bigdata analytics Training in Bangalore

sangeeth said...

Thanks for posting keep updating it.
Ionic Training in Chennai
Ionic training course
German Classes in Chennai
TOEFL Coaching in Chennai
Informatica Training in Chennai
Spoken English Classes in Chennai
spanish language in chennai
content writing training in chennai
Ionic Training in Tambaram
Ionic Training in Adyar

ethiraj raj said...

Thanks for sharing an informative article. keep update like this...
aws Training in Bangalore
python Training in Bangalore
hadoop Training in Bangalore
angular js Training in Bangalore
bigdata analytics Training in Bangalore

sasi said...

The blog you shared is very good. I expect more information from you like this blog. Thankyou.
Artificial Intelligence Course in Chennai
ai courses in chennai
artificial intelligence training in chennai
ai classes in chennai
best artificial intelligence training in chennai
Hadoop Training in Bangalore
salesforce training in bangalore
Python Training in Bangalore