Tuesday, April 14, 2020

REST API

REST API

What is REST?
REST is acronym for REpresentational State Transfer. It is architectural style for distributed hypermedia systems

Like any other architectural style, REST also does have it’s own 6 guiding constraints which must be satisfied if an interface needs to be referred as RESTful.
These principles are listed below.

* Guiding Principles of REST:

Client–server – By separating the user interface concerns from the data storage concerns, we improve the portability of the user interface across multiple
platforms and improve scalability by simplifying the server components.

Stateless – Each request from client to server must contain all of the information necessary to understand the request, and cannot take advantage of any
stored context on the server. Session state is therefore kept entirely on the client.

Cacheable – Cache constraints require that the data within a response to a request be implicitly or explicitly labeled as cacheable or non-cacheable.
If a response is cacheable, then a client cache is given the right to reuse that response data for later, equivalent requests.

Uniform interface – By applying the software engineering principle of generality to the component interface, the overall system architecture is simplified
and the visibility of interactions is improved. In order to obtain a uniform interface, multiple architectural constraints are needed to guide the behavior
of components. REST is defined by four interface constraints: identification of resources; manipulation of resources through representations; self-descriptive messages; and, hypermedia as the engine of application state.

Layered system – The layered system style allows an architecture to be composed of hierarchical layers by constraining component behavior such that each component
cannot “see” beyond the immediate layer with which they are interacting.

Code on demand (optional) – REST allows client functionality to be extended by downloading and executing code in the form of applets or scripts.
This simplifies clients by reducing the number of features required to be pre-implemented.

* Architectural Constraints :
REST defines 6 architectural constraints which make any web service – a true RESTful API.

Uniform interface
Client–server
Stateless
Cacheable
Layered system
Code on demand (optional)

* 200(OK):
HTTP Status 200 (OK)
The HTTP Status 200 (OK) status code indicates that the request has been processed successfully on server. The response payload depends on
HTTP method which was selected for request.

HTTP Status 200 – Response Payload
HTTP    METHOD RESPONSE PAYLOAD
GET     An entity corresponding to the requested resource is sent in the response.
HEAD Response has only HTTP header fields and no payload is sent in response.
POST Response generally contain information about progress status representation or result of action that was performed in request.
PUT Progress status representation of request is sent in response.
DELETE Progress status representation of request is sent in response.
OPTIONS:
        A list of valid request methods associated with the resource using Allow header. e.g.
Allow: HEAD, GET, OPTIONS
Content-Length: 18
Content-Type: text/plain;charset=UTF-8
Date: Thu, 06 Apr 2020 16:51 EST
Server: Apache-Coyote/1.1

TRACE A representation of the request message as received by the end server.

* HTTP Status:
1×× Informational
100 Continue
101 Switching Protocols
102 Processing

2×× Success

200 OK
201 Created
202 Accepted
203 Non-authoritative Information
204 No Content
205 Reset Content
206 Partial Content
207 Multi-Status
208 Already Reported
226 IM Used

3×× Redirection

300 Multiple Choices
301 Moved Permanently
302 Found
303 See Other
304 Not Modified
305 Use Proxy
307 Temporary Redirect
308 Permanent Redirect

4×× Client Error

400 Bad Request
401 Unauthorized
402 Payment Required
403 Forbidden
404 Not Found
405 Method Not Allowed
406 Not Acceptable
407 Proxy Authentication Required
408 Request Timeout
409 Conflict
410 Gone
411 Length Required
412 Precondition Failed
413 Payload Too Large
414 Request-URI Too Long
415 Unsupported Media Type
416 Requested Range Not Satisfiable
417 Expectation Failed
418 I’m a teapot
421 Misdirected Request
422 Unprocessable Entity
423 Locked
424 Failed Dependency
426 Upgrade Required
428 Precondition Required
429 Too Many Requests
431 Request Header Fields Too Large
444 Connection Closed Without Response
451 Unavailable For Legal Reasons
499 Client Closed Request

5×× Server Error

500 Internal Server Error
501 Not Implemented
502 Bad Gateway
503 Service Unavailable
504 Gateway Timeout
505 HTTP Version Not Supported
506 Variant Also Negotiates
507 Insufficient Storage
508 Loop Detected
510 Not Extended
511 Network Authentication Required
599 Network Connect Timeout Error

SoapUI
Q #1. What are web services?

Ans. Web services are web components that transfer data between client and server. The client sends a web request to the server and the server then responds to the client. The response and request are related and different requests evoke the corresponding response.

Web Service is a web component or software program that can be accessed on the Internet. It is mainly used to communicate with the web-based applications through XML messaging concepts. For example, if we want to access a particular location using Google Maps, we can use the corresponding web service URL. For that, we have to pass the appropriate inputs.

Q #2. What is the primary challenge when testing web services?

Ans. Majority of the functional testing is carried out via the GUI; the biggest challenge of web services is that they do not have a UI.

Q #3. What are the communication channels available for a web service?

In general, web service is combined with the following protocols. They are,

HTTP / POST
HTTP / GET
SOAP
While exposing the web services, these channels will be used for communication with the clients. Here HTTP / POST protocol transfers the information between the clients with a secure mode. HTTP / GET protocol allows the clients to view transferred data partially at the browser’s address bar. SOAP is used for transferring the confidential data safely.

Q #4. What are the different components can be used in the web services?

There are four components are used in web services. They are,

WSDL – Web Service Description Language
SOAP – Simple Access Object Protocol
UDDI – Universal Description, Discovery and Integration
RDF – Resource Description Framework
XML – eXtensible Markup Language
Q #5. What are the tools used for testing Web services?

To perform functional testing for web services, we can use the following tools.

SoapUI
RESTClient – This is a Firefox plug-in
JMeter – Specially made it for performance testing tool and also we can do functional testing the web services.
Q #6. What is WSDL?

Ans. WSDL stands for Web Service Description Language and is a document written in XML. It uses XML to define the service layer document which consists of origin of the web service, headers, port types, request and response data. This one can provide the information about web methods and web service.

It describes:

Origin of the web service
Header information
Port type
Input and output messages
For more info and examples, check out this article https://www.softwaretestinghelp.com/web-services-api-testing-tool-soapui-tutorial-1/

Q #7. What is the role of WSDL document in web service testing?

Ans. Validating web services in only possible with WSDL document because to configure web services in SoapUI, WSDL document is mandatory. If the WSDL document is not valid, SoapUI will throw an exception immediately.

Q #8. What is UDDI?

Ans. Universal Description, Discovery and Integration- a directory or global repository where all the web services can be found. A new Webservice can also be registered through this. This is also the place where WSDL detailed definitions are found.

It uses the discovery layer which is used in the web services. UDDI has all the information about the web services in detail. Global web services can be deployed at http://uddi.xml.org/

Q #9. What is SOAP?

Ans. Simple Object access protocol that uses XML to interact with web applications. It uses XML based content to communicate between two client machines across any network

Q #10. What would be the message format of SOAP protocol?

Generally, all the SOAP-based web services are written by using XML language which uses standard message format that is accepted across the universe. In this format, it is easy to read, identify the errors, avoids interoperability problems etc.

Here’s the sample SOAP message format.

POST /InStock HTTP/1.1
Host: localhost
Content-Type: application/soap+xml; charset=utf-8
Content-Length: 399
SOAPAction: “http://www.example.com/soap-envelope”

<?xml version=”1.0??>
<soap:Envelope xmlns:soap=”http://www.example.com/soap-envelope”>
<soap:Header>
</soap:Header>
<soap:Body>
<m:TutorialName>SoapUI</m:TutorialName>
</soap:Body>
</soap:Envelope>

Q #11. What are the advantages of SOAP?

Ans. Since its XML based, it is platform and programming language independent. RPC (Remote procedure calls) are sometimes blocked by firewalls and proxy servers- Soap overcomes that.

Q #12. What does a soap document contain?

Ans. Envelope element is the topmost tag which identifies the XML document as a SOAP message. Followed by Envelope element, you see the header element that has header information. The Body element specifies the call and response information. Finally, you have a Fault element which contains errors and status information.

Q #13. What is meant by Protocols and what are the major types are used in web services?

A protocol is a set of standard rules that help to communicate the hardware devices through the software applications. There are different types of protocols used in the Internet and Intranet applications. They are

TCP which stands for Transmission Control Protocol. It has the rules to exchange the messages between two different Internet applications.

Internet Protocol uses the rules for sending and receiving the information between two different Internet addresses.

Similarly, HTTP, FTP and DHCP protocols have used the set of rules to transfer the data other than Internet applications.

Q #14. What is XML?

Ans. XML (eXtensible Markup Language) is a mark-up language that is used for storing, sharing and formatting data. In general, an XML document is built by the tags. For more info and examples, check out this article https://www.softwaretestinghelp.com/web-services-api-testing-tool-soapui-tutorial-1/

Q #15. SoapUI and SoapUI Pro?

Ans. SoapUI is a web service testing tool and SoapUI Pro is its commercial version. SoapUI can help create functional, security and load testing test suites. SoapUI Pro does all that with advanced drag and drop, Data Driven testing, advanced reporting and coverage analysis. Check out this article for more information: https://www.softwaretestinghelp.com/soapui-tutorial-12-soapui-pro-features/

Q #16. What we can do with the help of SoapUI?

SoapUI offers us to perform automation testing which includes functional testing, load testing and Data Driven testing.
It also provides in build reporting tool and export test results log provision
We assert our services using various types of assertions
Q #17. What hierarchy does SoapUI follow to build a proper testing project?

In a SoapUI project, the following order should be maintained.

TestSuite – This is combination of functional tests and logical blocks
Testcase – It's a group that contains several test steps for the specific aspects of the service.
Teststep – it contains the set of functional tests
Q #18. What is the basic method to automate web services in SoapUI?

Ans.

Create a project and add the WSDL file
Add test suites, Test cases and Test cases- in that order
Include custom programming/validation using by adding Groovy steps
Call external data sources if using
Add assertions if necessary
Then RUN.

Q #19. What are SoapUI assertions?

Ans. Assertions compare the parts/all of the response message to the expected outcome.

Q #20. What are the major types of assertions available in SoapUI?

Assertions are one of the major features in SoapUI. It offers the following types of assertions.

Simple contains
Schema compliance
Simple not contain
Soap Faults
Response SLA
XPath Match
XQuery Match
WS security status
Script Assertion
WS- Addressing Request or Response Assertion
Additionally, Equals assertion is introduced in SoapUI NG Pro version

Q #21. What are the different types of assertions used in SoapUI?

Ans. The following are the different types of assertions:

Contains & Not Contains
XPath match
XQuery match
Schema compliance
Soap Faults
Response SLA
WS security Status
Script Assertion
WS- Addressing Request or Response Assertion


Q #22. Soap vs REST?

Ans.

SOAP is a protocol and REST is architecture. It allows us to send SOAP envelops to REST-based applications.
REST supports different message formats but SOAP permits XML only.
REST services are faster and easy to handle.
SOAP is tied with SMTP and HTTP protocols whereas REST relies on HTTP only.
SOAP is more secure and structured format.
REST does not depend on any specific standards as it supports various messaging formats like JSON, CSV and XML.
SOAP web services allow us to build the client with RESTful services.
SOAP was introduced for distributed computing.
After REST’s entry, it accommodated the web by its performance and scalability as it is a lightweight component.
REST is stateless whereas SOAP is a stateful specification.
REST uses Uniform Resource Identifier (URI) and it has the methods like GET, PUT, POST and DELETE to expose their resources.
SOAP uses named operations and interfaces to achieve its business logic.

Q #23. What can data sources be used in SoapUI?

Ans.
Excel Files
CSV Files
ODBC Sources
SQL / ADO Objects

Reference : https://www.softwaretestinghelp.com/soapui-interview-questions-and-answers/

Q #24. Explain what assertion is in Soap UI is and give some example of assertion possible in SOAPUI?

In SOAP UI assertion functionality is used to validate the response of request received by the Test Steps at the time of execution.  It is used to compare a part of message to some expected value.

Assertion types in SOAPUI includes

Simple contains
Schema compliance
Simple not contains
Soap Faults
Response SLA
XPath Match
XQuery Match
WS security status
Script Assertion
WS- Addressing Request or Response Assertion

Q #25. Does SoapUI support SSL Authentication

Yes

Q #26. Explain where you use properties in SoapUI?

We can read the property values into test step endpoint, username, header values, password, domain, POST, PUT, GET and DELETE method properties.

Q #27. Mention what languages does SoapUI use?

SOAP UI supports two language, Groovy, and JavaScript.

Q #28. Mention what are the default properties in SOAPUI?

By default, SOAPUI has properties at three levels

Project level default or custom properties:
User can append any number of properties at project level and it can be opened from any test steps from any test cases under any test suites

Test suite level default or custom properties:
User can append any number properties at test suite level and it can be used from any test steps from any test cases under this test suite

Test case level default or custom properties:
At Test Case level users can add any number properties at test case level and it can be used from any test steps from this test case

Q #29. SoapUI RESTful - HTTP Methods
The most-commonly-used HTTP methods are POST, GET, PUT, PATCH, and DELETE. These correspond to create, read, update, and delete (or CRUD)
operations, respectively. There are a number of other methods too, however they are utilized less frequently.

* POST:
The POST method is used to create new resources. It is used to create subordinate resources. That is, subordinate to some other (e.g. parent) resource.

In other words, when creating a new resource, POST to the parent and the service takes care of associating the new resource with the parent,
assigning an ID (new resource URI), etc.

On successful creation, return HTTP status 201, returning a location header with a link to the newly-created resource with the 201 HTTP statuses.

* GET:
The HTTP GET method is used to read or retrieve a representation of a resource. In successful response, GET returns a representation in XML or JSON
and an HTTP response code of 200 (OK). In an error case, it most often returns a 404 (NOT FOUND) or 400 (BAD REQUEST).

According to the design of the HTTP specification, GET (along with HEAD) requests are used only to read data and not change it.
Therefore, GET is considered as safe.

* PUT:
PUT is used to update the existing resources. PUT is used as a known resource URI with the request body that contains the
updated representation of the original resource.

PUT can also be used to create a resource where the resource ID is chosen by the client instead of by the server.
In other words, if PUT is used as a URI that contains the value of a non-existent resource ID.

* PATCH:
PATCH is used to modify capabilities. The PATCH request only needs to contain the changes to the resource, not the complete resource.
It resembles PUT, but the body contains a set of instructions describing how a resource currently residing on the server should be modified to produce a new version.

This means that the PATCH body should not just be a modified part of the resource, but should be in some kind of patch language
such as JSON Patch or XML Patch.

* DELETE:
DELETE is used to delete a resource identified by a URI. On successful deletion, it returns HTTP status 200 (OK) along with a response body,
representation of the deleted item. Else, it returns HTTP status 204 (NO CONTENT) with no response body.

In other words, a 204 status with no body, or the JSEND-style response and HTTP status 200 are the recommended responses.