Training: REST Assured API Testing

REST Assured is a Java-based library widely used for testing and validating RESTful application programming interfaces (APIs). It simplifies the process of sending HTTP requests to a web server and receiving responses, allowing testers to verify the status code, content, headers, and response time of the requests. In this course, you will dive into the essentials of API testing with a focus on REST Assured. You will learn about the significance of APIs, the basics of REST architecture, and why API testing is crucial for ensuring applications communicate effectively. Next, you will set up your development environment, starting with IntelliJ IDEA and a Maven project. With Apache Maven helping manage your project dependencies, you will execute REST Assured tests integrated with TestNG to validate successful API responses. Then you will learn to send GET requests, interpret status codes, and use REST Assured's peek and print functions. Finally, you will investigate response headers and bodies more critically and perform detailed validations, ensuring the responses meet your predefined expectations.

Hamcrest is a framework for writing matcher objects, facilitating the creation of flexible and expressive tests in Java. REST Assured has first class support for Hamcrest matchers to validate headers and responses from APIs. In this course, you will explore the capabilities of the Java Hamcrest library, a powerful tool for asserting various data types, including numeric values, strings, collections, and arrays with precision and flexibility. Next, you will expand your testing repertoire by integrating Hamcrest with REST Assured for sophisticated API testing. Then you will learn to ensure API responses meet expected schemas and contents using Hamcrest matchers and lambda expressions. Finally, you will discover how to specify path parameters in your URLs, use unnamed and named parameters, and specify query parameters for filtering the response.

JSON response validation checks the response data to see whether it matches expectations. Schema validation against a JSON response involves comparing the actual application programming interface (API) response to a predefined JSON schema. This process helps identify mismatches, missing fields, or data type errors in the API response, ensuring that the API behaves correctly under various conditions and conforms to its specification. Begin this course by learning how to validate JSON responses and schemas using REST Assured and how to navigate JSON responses with JSONPath, accessing and validating nested structures and collections. Next, you will uncover the pivotal role of JSON schemas in API testing, generating and applying JSON schemas to define and validate the expected structure of API responses. Then you will explore validating response types and properties, ensuring adherence to required fields, and employing schema dialects to refine your validation strategies based on the schema documentation. Finally, you will investigate advanced validation techniques, including validating nested JSON objects and arrays and validating XML responses.

REST Assured offers techniques to test application programming interface (API) endpoints that support different HTTP verbs. REST Assured allows you to specify your request and response body as a serialized JSON string, JSON objects, or just plain old Java objects (POJOs). This makes working with requests and responses easier and more maintainable. In this course, you will learn how to host a REST API server using a Spring model-view-controller (MVC) in Java, focusing on the use case of building a bug-tracking application. Next, you will explore various request types beyond GET, including HEAD and OPTIONS for API discovery, and POST, PUT, PATCH, and DELETE for resource management on your server. Finally, you will investigate advanced techniques for optimizing your work with API responses and requests., including deserializing JSON responses into POJOs for easier data management, applying strategies for dealing with nested fields in response data, and streamlining your code with the Lombok library, which eliminates the need for boilerplate code.

Data-driven testing is a methodology where test scripts are executed and validated using data sets stored in external databases or files. This approach allows for a more flexible, scalable, and maintainable testing process, as it enables the testing of multiple scenarios with different data inputs without altering the test code. In this course, you will learn the essentials of data-driven testing with TestNG and REST Assured, focusing on API testing for a bug-tracking application programming interface (API) server. You will send API requests, incorporate query and path parameters, and write tests to validate server responses. Next, you use parameterized tests to efficiently test APIs with varying input data. Then you will learn to manage test data using TestNG data provider methods. You will store your test data in comma-separated values (CSV) and JSON files and learn how to eliminate repetitive code. Finally, you will use Apache Poi and the Poiji library for simplified Excel parsing to streamline the process of reading and parsing Excel files, and deserializing data into plain old JavaScript objects (POJOs) for API testing.

Application programming interface (API) authentication is a cornerstone of web security, ensuring that only authorized users and applications can access protected resources. In this course, you will dive into the fundamentals of API testing and authentication techniques using Java and REST Assured. You will learn to authenticate API requests using both challenged and preemptive authentication methods. Additionally, you will explore the use of digest authentication to enhance the security of your API requests with cryptographic hashes. Next, you will discover how to authenticate to API endpoints using OAuth tokens, starting with the configuration of OAuth1 and then advancing to the industry standard OAuth2 for authorization. Finally, you will apply these authentication techniques in practical scenarios, setting up tests with credentials and generating random usernames to mimic real-user interactions. This hands-on approach will solidify your understanding of API authentication and prepare you for comprehensive end-to-end testing.

Architecting clean tests in REST Assured involves structuring your test code in a way that enhances maintainability, readability, and reusability, while efficiently validating the functionality and reliability of RESTful APIs. In this course, you will tackle the challenge of reducing boilerplate code in API testing for enhanced test efficiency and readability. You will learn to use REST Assured global variables and configure request and response objects to streamline your tests. You will also handle URL redirections, parameter configurations, and HTTP client settings to ensure robustness across various testing scenarios. Next, you will explore structuring your test suite through inheritance and composition to maintain a scalable and organized codebase. Then you will build a base class for shared functionality, allowing child classes to inherit and make use of reusable code in the base class. Finally, you will integrate your tests with the Maven build life cycle and set up distinct environments for development, testing, and production, ensuring that configurations remain separate and optimized for each stage.

Transient errors and fault injection are crucial concepts in enhancing software resilience, particularly in distributed and cloud-based systems where network unreliability can introduce sporadic failures. In this course, you will focus on enhancing your application programming interface (API) testing skills with Java RestAssured, starting with the core aspect of request and response logging. You will learn how detailed logging is essential for understanding the interactions between your tests and APIs, aiding in debugging and ensuring API behavior aligns with expectations. Next, you will tackle the challenges posed by transient errors in API testing, learning strategies for retrying test cases to enhance the reliability and stability of your test suite. Then you will explore solutions like custom retry logic and the use of libraries like Awaitility for handling asynchronous operations more elegantly. Finally, you will investigate advanced testing techniques using the Envoy Proxy for fault injection, enabling you to simulate various failure conditions and assess an API's robustness and error-handling capabilities.

Continuous integration and continuous delivery (CI/CD) pipelines for testing application programming interfaces (APIs) are automated workflows that integrate code changes, test executions, and deployment processes to ensure that APIs function correctly and are ready for production environments. In this course, you will learn the fundamentals of CI/CD and its significance in automating software testing. You will install Jenkins on your local machine and see how you can configure Jenkins to automate your builds and tests. Next, you will enhance your CI/CD pipelines by exploring advanced Jenkins features. You will set up both manually triggered and scheduled builds for testing, examine the inefficiencies of polling GitHub repositories for changes, and use WebHook triggers and GitHub push notifications for more efficient build triggers. Finally, you will create a continuous integration pipeline using GitHub Actions. You will integrate Java RestAssured API tests into the GitHub repository's life cycle, configure Surefire reports to generate detailed test reports, and set up workflows to send email alerts upon test completion or failure.

Reporting in tests is essential for providing visibility into the health, performance, and reliability of software applications, allowing teams to make informed decisions about releases and maintenance. Extent Reports and Allure Reports are powerful tools in this domain, offering rich, interactive dashboards that detail test executions, highlight failures, and track trends over time. In this course, you will explore the crucial role of integrating reports with tests in software development projects. You will get an overview of the strengths and weaknesses of Extent and Allure reporting frameworks. You will first create and customize Extent Reports. You will learn to abstract reporting details using the ITestListener interface in TestNG for a cleaner and more maintainable test suite. You will also discover how to add request and response details to your reports and integrate your reporting with a GitHub Actions automated continuous integration pipeline, enhancing your testing workflow. Finally, you will delve into configuring Allure Reporting for your tests. You will organize your tests with Allure's features such as Epics, Features, and Steps, and learn to present request and response details effectively. The integration of Allure Reports with GitHub Actions will conclude your learning, equipping you with comprehensive skills in test reporting.

Mocking application programming interface (API) endpoints is essential for developing, testing, and validating applications independently of external systems. Load testing of APIs is crucial for assessing an application's performance and reliability under high traffic conditions, ensuring that it can handle real-world use without degradation of service. Together, WireMock and JMeter provide a comprehensive approach to testing for mocking and load testing respectively. In this course, you will explore the art of mocking APIs using WireMock, learning how to set up a basic server and mock API endpoints with various HTTP requests and responses. You will employ JSON files for configuring responses and explore dynamic response creation through response templating. You will use request matching to fine-tune the behavior of your API mocks and stub APIs using both Java and JSON for enhanced maintainability. Next, you will master the use of Apache JMeter for performance and load testing. Starting with the installation and setup, you will build JMeter test plans, simulate user actions with Test Groups, and make API requests using Samplers. You will learn how to analyze the responses with Listeners and validate API performance under different loads using JMeter assertions. You will run your load tests using the JMeter graphical user interface (GUI) as well as the command line.

In this sandbox, you have access to a live lab environment to practice your REST Assured development skills. The Lab Configuration section details the devices, operating systems, tools, software and accounts available in the lab. In addition to all that's already available, internet access is enabled on all devices, allowing you to download additional software, libraries, datasets and virtually anything else that will help you practice. Lab Configuration •Devices - Ubuntu 22.04 •Software and Tools - Eclipse IDE - Anaconda - Apache Net Beans - IntelliJ IDEA - MongoDB - JDK 22.0.1 - Apache Tomcat - REST Assured 5.4.0+, - TestNG - Apache Jmeter - Apache POI - Poiji - Apache Commons CSV - Extent Reports - Allure Reports - WireMock - Ngrok - Envoy Proxy - Lombok

The exercises presented in this lab include: Exercise 1 - Sending GET Requests and Validating Responses Exercise 2 - Integrating REST Assured With Hamcrest Exercise 3 - Validating JSON Response and Schema With REST Assured Exercise 4 - Implementing Basic and Digest Authentication Exercise 5 - Structuring REST Assured Test Suites with Inheritance and Composition Exercise 6 - Enhancing API Testing with REST Assured Exercise 7 - Configuring and Enhancing Extent Reports for Test Automation Exercise 8 - Configuring Assertions for API Testing in Apache JMeter Lab Configuration In this lab environment you are provided a Windows 10 virtual machine running with the following software included: Software/tools - Java 8 - Apache JMeter v5.41 - Apache Maven v3.6.3 - Intellij IDEA v2020.3.3 - Postman Dependencies - JUnit v4.13.2 - REST Assured v4.4.0 - Hamcrest v2.2 - TestNG v7.4.0 - Extent Reports v5.0.6 - JSON-Simple v1.1.1 - JSON Schema v1.11.0