REST API Testing with Rest Assured


Outline

In this post, I will explain what is API and API testing, what is the difference between SOAP and REST services, and how to test REST APIs with Rest Assured Library.

What is API?

API stands for Application Programming Interface. It comprises of a set of functions that can be accessed and executed by another software system.  Thus, it serves as an interface between different software systems and establishes their interaction and data exchange.

What is API Testing?

In the modern development world, many web applications are designed based on three-tier architecture model. These are:

1) Presentation Tier – User Interface (UI)

2) Logic Tier – Business logic is written in this tier. It is also called Business Tier. (API)

3) Data Tier – Here information and data is stored and retrieved from a Database. (DB)

Ideally, these three layers (tiers) should not know anything about the platform, technology, and structure of each other. We can test UI with GUI testing tools and we can test logic tier (API) with API testing tools. Logic tier comprises of all of the business logic and it has more complexity than the other tiers and the test executed on this tier is called as API Testing.

API testing tests logic tier directly and checks expected functionality, reliability, performance, and security. In the agile development world, requirements are changing during short release cycles frequently and GUI tests are more difficult to maintain according to those changes. Thus, API testing becomes critical to test application logic.

In GUI testing we send inputs via keyboard texts, button clicks, drop-down boxes, etc., on the other hand in API testing we send requests (method calls) to the API and get output (responses). These APIs are generally REST APIs or SOAP web services with JSON or XML message payloads being sent over HTTP, HTTPS, JMS, and MQ.

[Ref: wiki]

I don’t want to go into theory so much in this post. If you want to learn more theory on API testing, you can visit below websites.

https://www.soapui.org/testing-dojo/world-of-api-testing/what-makes-api-testing-special-.html
http://www.guru99.com/api-testing.html (Very introductive article.)
https://en.wikipedia.org/wiki/API_testing

REST vs SOAP

REST (REpresentational State Transfer)

REST is an architectural style that uses simple HTTP calls for inter-machine communication. REST does not contain an additional messaging layer and focuses on design rules for creating stateless services. A client can access the resource using the unique URI and a representation of the resource is returned. With each new resource representation, the client is said to transfer state. While accessing RESTful resources with HTTP protocol, the URL of the resource serves as the resource identifier and GET, PUT, DELETE, POST and HEAD are the standard HTTP operations to be performed on that resource. [1][2][6]

SOAP (Simple Object Access Protocol)

SOAP relies heavily on XML, and together with schemas, defines a very strongly typed messaging framework. Every operation the service provides is explicitly defined, along with the XML structure of the request and response for that operation. Each input parameter is similarly defined and bound to a type: for example, an integer, a string, or some other complex object. All of this is codified in the WSDL – Web Service Description (or Definition, in later versions) Language. The WSDL is often explained as a contract between the provider and the consumer of the service. SOAP uses different transport protocols, such as HTTP and SMTP. The standard protocol HTTP makes it easier for SOAP model to tunnel across firewalls and proxies without any modifications to the SOAP protocol. [3][4][6]

References:
http://searchsoa.techtarget.com/definition/REST [1] http://blog.pluralsight.com/representational-state-transfer-tips [2] https://www.soapui.org/testing-dojo/world-of-api-testing/soap-vs–rest-challenges.html [3] http://blog.smartbear.com/apis/understanding-soap-and-rest-basics/ [4] http://spf13.com/post/soap-vs-rest [5] http://searchsoa.techtarget.com/tip/REST-vs-SOAP-How-to-choose-the-best-Web-service [6]

REST API Testing with Rest Assured

What is Rest Assured?

In order to test REST APIs, I found REST Assured library so useful. It is developed by JayWay Company and it is a really powerful catalyzer for automated testing of REST-services. REST-assured provides a lot of nice features, such as DSL-like syntax, XPath-Validation, Specification Reuse, easy file uploads and with those features we will handle automated API testing much easier.

Rest Assured has a gherkin type syntax which is shown in below code. If you are a fan of BDD (Behavior Driven Development), I believe that you will love this kind of syntax.

Also, you can get JSON response as a string and send it to the JsonPath class and use its methods to write more structured tests. I generally prefer JsonPath for more structured tests.

For more theory, please visit below references. I want to go with an example questions and their solutions.

References:
https://github.com/jayway/rest-assured [1] (Rest Assured GitHub page)
http://www.hascode.com/2011/10/testing-restful-web-services-made-easy-using-the-rest-assured-framework/ [2] http://www.javacodegeeks.com/2015/04/automated-testing-of-rest-services.html [3] http://static.javadoc.io/com.jayway.restassured/rest-assured/1.6.1/com/jayway/restassured/path/json/JsonPath.html [4] http://www.javahotchocolate.com/notes/rest-assured.html [5]

Examples

Example-1:

Test Description: Test a search with a search term and number of 4 videos parameter.

Base URL: http://api.5min.com/

Base path: search

Search term: Barack Obama

Parameter: num_of_videos

URL: http://api.5min.com/search/barack%20obama/videos.json?num_of_videos=4

Expected Result: We will receive details of the URL to the video and associated title and description in JSON format.

Verifications/Tests:

  • Verify the HTTP response status returned.
  • Verify the response contained the relevant search term
  • Verify that only 4 video entries were returned
  • Verify that there is no duplicate video
  • Print video title, pubDate & duration

Example-2:

Test Description: Test a search with an id of video and number of 4 related videos parameter.

Base URL: http://api.5min.com/

Base Path: video

Search term: 519218045

Parameter: num_related_return

URL: http://api.5min.com/video/list/info.json?video_ids=519218045&num_related_return=4

Expected Result: We will receive details of that video and 4 related videos including their title, URL and associated image in JSON format.

Verifications/Tests:

  • Verify the HTTP response status returned.
  • Verify that response was successful and relevant to given video_id
  • Verify that 4 additional video entries were returned along with the given video_id
  • Verify that there is no duplicate in related videos
  • Print video title, permittedDeviceTypes status (for “Tablets”,”Handsets”,”ConnectedDevices”,”Computers”) & time duration

Solutions

Strategy:
First, it is very reasonable to use a framework/library which provides us testing an API easily in a short period of time and we chose the Rest-assured library. It is better to write the code with below rules.

Single Responsibility:
– Each test has a single responsibility and includes a single assertion.
Explicit separation has advantages while we are doing black-box testing.

High Level of Abstraction:
– The logic of a test should be written in a high-level way.
– All details such as sending request, creating request, dealing with IO should be done via utility methods not to do with inline methods.

Re-usability:
Write the class, methods etc. that can be re-used for the testing of other endpoints of API.

Documentation:
Add documentation, comments which describe the tests sufficiently.

Extra Tools:
You can format JSON responses with notepad++’s JSON Viewer plugin.

Rest Assured

Project Structure:

1) I wrote HelperMethods class and RestUtil classes for reusability and clean project structure.
– HelperMethods
class comprises of test-related functions.
– RestUtil
class contains Rest Assured related methods.

Rest Assured

2) Example1Test and Example2Test contain our tests and assertions.

3) AllApiTest is the test runner suite. We can run all the test with the AllApiTest test suit.

In this project, I used Maven and pom.xml is our dependency and profile xml file. We will also go into details of this file further.

Now we can start to examine the test code. We start with pom.xml.

POM.xml

In pom.xml we should add:

JUnit library – It is our test framework

Hamcrest library – For assertion methods

– Jayway Rest Assured library – It is our REST API testing library

– For running the test from command prompt with maven I also added AllApiTests profile at the end of the pom.xml. We can run all tests with “mvn test –PallApiTests” command.

pom.xlm code is shown below:

I tried to explain the other codes line by line. Now I want to go on with project’s JAVA files.

RestUtil.java

It is a utility class for Rest Assured Library. It contains many methods that help us to write our codes more effectively.

HelperMethods.java

It is another utility class for our example1 and example 2. It contains methods about example1 and example2. We created this class for creating clean project structure and prevent code replication.

Example1Test.java

I explained the code line by line below.

Example2Test.java

I explained the code line by line.

AllApiTest.java

It is our test suite. We use this class name to create a profile in pom.xml.

Rest Assured

Thus, we can run our tests on command prompt by typing below maven command.

mvn test –PallApiTests

Test Execution

When you create your project with the files that are described and shared in this post. You should go project directory in command prompt and simply type below command.

mvn test –PallApiTests

Then, our tests will run as shown below.

Rest Assured

Also, you can run the tests in IntelliJ or Eclipse.

Rest Assured

Github Link: https://github.com/swtestacademy/RestAssuredExample

javafx

Database Operations in JavaFX

By Onur Baskirt / Apr 1, 2016 / 56 Comments
Before started this section, please check the first article and learn How to Start JAVAFX! http://www.swtestacademy.com/getting-started-with-javafx/ At first, part of JavaFX tutorial series, we created a sample JavaFX project, designed the draft version of the UI and set up an...
extentreports

How to Write Smart XPath Locators

By Onur Baskirt / Sep 24, 2017 / 5 Comments
Hi all, in this tutorial, I will describe you how to write smart and non-brittle XPath locators. When we write our test scripts, we generally prefer to use id, name, class, etc. these kinds of locators. However, sometimes we could not...
extentreports

How to Write Effective CSS Locators

By Onur Baskirt / Oct 1, 2017 / 0 Comments
Hi all, in this tutorial, I will describe you how to write effective CSS locators to interrogate web elements for your automation projects. As a rule of thumb, your interrogation strategy should be in below order: First try to use...
rest assured

REST API Testing with Rest Assured

By Onur Baskirt / Mar 8, 2016 / 32 Comments
Outline In this post, I will explain what is API and API testing, what is the difference between SOAP and REST services, and how to test REST APIs with Rest Assured Library. What is API? API stands for Application Programming...
javafx

Getting Started with JavaFX

By Onur Baskirt / Mar 25, 2016 / 0 Comments
When I started to work in my current position, one of my task is to do manual operations for campaign products  every week. After the second week, I thought that I have to automate this task using a GUI based...
extentreports

Selenium-1: Quick Start to Automation with Selenium WebDriver & JAVA & JUnit & Maven & IntelliJ

By Onur Baskirt / Sep 8, 2015 / 26 Comments
Outline Selenium Webdriver is the most popular open source web test automation framework across the wide range of browsers and platforms. In this tutorial, you will learn how to do web test automation with Selenium Webdriver and the related tools....
extentreports

Selenium-11: Execute JavaScript with JavascriptExecutor

By Onur Baskirt / Jan 27, 2016 / 15 Comments
Outline Sometimes we cannot handle some conditions or problems with Webdriver, web controls don't react well against selenium commands. In this kind of situations, we use Javascript. It is useful for custom synchronizations, hide or show the web elements, change...
page object model

Page Object Model with C#

By Ege Aksoz / Jun 18, 2017 / 8 Comments
In the previous tutorial, we’ve taken the initial steps and entered the world of automated testing. We also wrote our first automated test. From this point on, since we are not just going to write one test, we need to...
extentreports

How to Select a Date From DatePicker Using Selenium

By Onur Baskirt / Aug 13, 2016 / 6 Comments
When you need to automate a airway, hotel, or similar websites you need to deal with Datepickers and some times it is a little bit cumbersome to select a specific date on the Datepicker or calendar.  In this post, I...

Getting Started with RobotFramework on Windows

By Onur Baskirt / Apr 25, 2016 / 12 Comments
What is RobotFramework? RobotFramework is a GENERIC test automation framework for acceptance testing and acceptance test-driven development (ATTD). What it means that you can do web, mobile, desktop and other test automation activities with related test libraries. These libraries can...
By | 2017-10-22T02:13:16+00:00 March 8th, 2016|Api Testing, Test Automation|32 Comments

About the Author:

Onur Baskirt
Onur Baskirt is a senior IT professional with 10+ years of experience. He worked at Bahçesehir University, ST Microelectronics, Huawei and Ericsson as research assistant, design verification engineer and software test leader. Also, he worked as software test leader and software operations manager at Turkey's biggest technology retailer, Teknosa. Now, he is working as Head of Software Testing and Manager of two Development Teams at Kariyer.net. His current research areas are technical software testing, programming, and computer science. Formerly, he has several research works and papers on digital chip design & verification. His hobbies are sport, dancing, traveling, and nutrition. You can find detailed information about him on his linked-in page.

32 Comments

  1. Raj May 24, 2016 at 6:15 pm - Reply

    Hi
    Can we use cucumber features to run API test.
    If so what does the framework involve.
    Please suggest any..

  2. varun July 3, 2016 at 9:58 am - Reply

    Hi Onur,

    Good Blog on API testing with Rest-Assured..!!!

    Do you have any working example that you can illustrate on POST request passing the data dynamically ( read JSON file and pass in test script).

    • Onur Baskirt
      Onur Baskirt July 4, 2016 at 3:57 pm - Reply

      Hi Varun,

      I do not have any working example. Now, I am in a vacation. I will also check after vacation.

  3. Swati Jha July 22, 2016 at 2:19 pm - Reply

    Hi Onur,

    Very helpful article. Thank you for giving such an explanation with relevant examples. It really helped in my project.

  4. ram August 4, 2016 at 5:48 am - Reply

    Very helpful.

  5. Dilip August 14, 2016 at 8:49 am - Reply

    Can you please give an example how to post a complex Json post body (POST Method) with data provider. the Post body should be constructed with the values from dataprovider.

  6. Murali August 18, 2016 at 5:15 pm - Reply

    Hi Baskirt,

    Thanks for detailed explanation. We are trying to implement the same. I am getting exception at ‘AfterTest’ method.

    Am i missing any configuration?

    public void afterTest (){
    //Reset Values
    RestUtil.resetBaseURI();
    RestUtil.resetBasePath();
    }

    java.lang.IllegalArgumentException: baseURI cannot be null

  7. Param September 12, 2016 at 8:27 am - Reply

    Hi Baskirt,

    I have my test cases written in SOAP UI PRO tool, is there any way that i can migrate those TCs to Rest Assured?

  8. archana October 28, 2016 at 9:53 am - Reply

    thank you. very useful article.

  9. Ashish April 20, 2017 at 12:22 pm - Reply

    Hi Onur,

    I am really happy that you have posted this article . Thank you so much for this article and it really helped me.

    Do you have any working example that you can illustrate on POST request passing the data dynamically ( read JSON file and pass in test script).

  10. Neda June 5, 2017 at 6:39 pm - Reply

    Hi Onur, I’m thinking of using Rest Assured for my API testing, then I saw RunScope online where you can monitor tests and run tests + implementation of tests are easy. Do you know if Rest Assured is still to prefer or should I go for RunScope?

    • Onur Baskirt
      Onur Baskirt June 5, 2017 at 8:31 pm - Reply

      Hi Neda,

      If you want to use open-source solution you can use RestAssured. It is also not hard to use it and it has a significant community. When u get in trouble, you can find many blog articles or StackOverflow questions/answers. But If you want to go faster and much easier tool, you can go with Runscope. If I were you, I would try RestAssured for 2-3 weeks. If I could not reach my goals, then I switch to RunScope. But If you have very limited time and if you need to give a decision quickly, you can go on with RunScope.

  11. Raveendar Reddy July 15, 2017 at 9:24 am - Reply

    Hi.. It is a nice post..
    I recently tried a new framework ‘Karate’ for REST API automation.
    Below is the link
    https://github.com/intuit/karate
    They are claiming that it is a really good tool which is lot better than Rest-Assured. I am bit confused in choosing in between these two framework for our API automation.Could you please suggest is Karate really good.Or are there any drawbacks?

    • Onur Baskirt
      Onur Baskirt July 17, 2017 at 9:33 am - Reply

      I haven’t tried Karate but RestAssured is a good library.

  12. Harkirat August 11, 2017 at 9:29 am - Reply

    I am using Version 0.1.9 of Rest Assured for .Net. I wanted to use https for sending the request instead of http.
    Please could you advice if there is some way to use https as UseHttps() is not working.

    • Onur Baskirt
      Onur Baskirt August 11, 2017 at 9:29 pm - Reply

      I did not have any experience on .NET. It is better to google it that problem 😉

  13. QA_Shailendra September 3, 2017 at 8:34 pm - Reply

    @Onur Baskirt, Thanks alot.

    I really learned too much about restful api testing through your written, could you please help me out for connecting database to get expectedresult in below script:

    //@Test
    public void test_07(){
    Response resp = given().
    param(“userid”,”40″ ).
    param(“user_id”, “72”).
    param(“token”, “any toekn”).
    when().
    get(“http://iloverestapitesting”);
    String actualUserReport = resp.
    then().
    contentType(ContentType.JSON).
    extract().
    path(“user_detail.email”);

    String expectedUserReport = null;——>> help me out here for database connection

    if(actualUserReport.equals(expectedUserReport)){
    System.out.println(“User Report API is working fine and test case pass”);
    }
    else{
    System.out.println(“User Report is not found and API is not working fine and test case failed”);

    }

  14. Serhat Özdursun September 12, 2017 at 3:57 pm - Reply

    Hi Onur,

    It has been a very helpful article. thank you

    I am having a problem. when validating a schema, if a value returns null, rest assured throw assertion error. how can i fixed it ?

    • Onur Baskirt
      Onur Baskirt September 12, 2017 at 4:26 pm - Reply

      Thanks, Serhat. Have you tried try/catch block? I also found this link. They also offered to catch the exception with AssertionError. https://stackoverflow.com/questions/19390295/rest-assured-exception-when-test-fails

      • Serhat Özdursun September 13, 2017 at 9:37 am - Reply

        Onur thanks for answering. I had been different problem. But i was find correct reason. Json Schema i used was incorrect.

        incorrect schema:

        “installment”: {
        “id”: “/properties/installment”,
        “type”: “integer”
        },

        correct schema need to use:

        “installment”: {
        “id”: “/properties/installment”,
        “type”: [“integer”,”null”]
        },

        • Onur Baskirt
          Onur Baskirt September 13, 2017 at 12:14 pm - Reply

          It’s great to hear that you solved the problem. Good luck on your project. 😉

  15. Sudha October 7, 2017 at 3:43 am - Reply

    HI Onur,
    1. Could you please let me can i Connect to Jenkins for CI? I need to run my APi every 10 mins and genrate reports and get email notification if response code is not 200?
    2. Does RA supports Database testing?
    3. My response content type is “text/xml” i am finidng most of the examples in JSON only. could u please give me some examples on XML, and XML methods??
    4. could u please give Data Driven example on RA from reading or validating from excel sheet? or extracting all url from excel sheet one after one.

    Thanks,

Leave A Comment