10343nam a2200613 i 4500 almatuudk_9923197536202884 DE-602 20230405142210.0 m o d | cr cnu|||||||| 230405s2022 nyua ob 001 0 eng d 9781638351535 1638351538 (MiAaPQ)EBC7144489 (Au-PeEL)EBL7144489 (OCoLC)1351748423 (CKB)25605264500041 (OCoLC)1354573301 (OCoLC-P)1354573301 (CaSebORM)9781617299537 (Perlego)3768805 (EXLCZ)9925605264500041 MiAaPQ eng rda pn MiAaPQ MiAaPQ DE-83;9923197536202884 QA76.76.A63 .W568 2022 005.3 23 DE-83;9923197536202884 almatuudk_9923197536202884 Winteringham, Mark, author. Testing web APIs / Mark Winteringham ; foreword by Janet Gregory and Lisa Crispin. 1st edition. Shelter Island, New York : Manning Publications Co., [2022] ©2022 1 online resource (228 pages) text txt rdacontent computer c rdamedia online resource cr rdacarrier Intro -- inside front cover -- Testing Web APIs -- Copyright -- dedication -- contents -- front matter -- foreword -- preface -- acknowledgments -- about this book -- Who should read this book -- How this book is organized: A road map -- Prerequisites -- About the code -- liveBook discussion forum -- about the author -- about the cover illustration -- Part 1 The value of web API testing -- 1 Why and how we test web APIs -- 1.1 What's going on in your web APIs? -- 1.1.1 Complexity within web APIs -- 1.1.2 Complexity across many web APIs -- 1.2 How does testing help us? -- 1.2.1 Imagination -- 1.2.2 Implementation -- 1.2.3 The value of testing -- 1.2.4 Being strategic with API testing -- Summary -- 2 Beginning our testing journey -- 2.1 Introducing our product -- 2.1.1 Introducing our sandbox API -- 2.2 Familiarizing ourselves with restful-booker-platform -- 2.2.1 Researching the product -- 2.2.2 Researching beyond the product -- 2.3 Capturing our understanding -- 2.3.1 The power of models -- 2.3.2 Building our own models -- 2.4 Congratulations-you're testing! -- Summary -- 3 Quality and risk -- 3.1 Defining quality -- 3.1.1 Quality characteristics -- 3.1.2 Getting to know our users -- 3.1.3 Setting quality goals for our strategy -- 3.2 Identify risks to quality -- 3.2.1 Learning to identify risk -- 3.2.2 Headline game -- 3.2.3 Oblique testing -- 3.2.4 RiskStorming -- 3.3 A strategy's first steps -- 3.3.1 Picking the right approach for testing a risk -- Summary -- Part 2 Beginning our test strategy -- 4 Testing API designs -- 4.1 How do we test API designs? -- 4.1.1 Tools for questioning -- 4.1.2 Expanding your API design-testing techniques and tools -- 4.2 Using API documentation tools to test designs -- 4.2.1 Documenting APIs with Swagger/OpenAPI 3 -- 4.2.2 Beyond documentation -- 4.3 Encouraging teams to test API designs. 4.3.1 Getting buy-in and initiating opportunities to test API designs -- 4.3.2 Taking advantage of existing sessions -- 4.3.3 Establishing your own sessions -- 4.4 Testing API designs as part of a testing strategy -- Summary -- 5 Exploratory testing APIs -- 5.1 The value of exploratory testing -- 5.1.1 The testing cycle in exploratory testing -- 5.2 Planning to explore -- 5.2.1 Generating charters -- 5.2.2 Charters and exploratory testing sessions -- 5.2.3 Organizing our exploratory testing -- 5.3 Exploratory testing: A case study -- 5.3.1 Beginning the session -- 5.3.2 Knowing when something isn't right -- 5.3.3 Coming up with ideas for testing -- 5.3.4 Using tools -- 5.3.5 Note-taking -- 5.3.6 Knowing when to stop -- 5.3.7 Running your own exploratory testing session -- 5.4 Sharing your discoveries -- 5.5 Exploratory testing as part of a strategy -- Summary -- 6 Automating web API tests -- 6.1 Getting value from automation -- 6.1.1 The illusion of automation -- 6.1.2 Automation as change detection -- 6.1.3 Letting risk be our guide -- 6.2 Setting up a Web API automation tool -- 6.2.1 Dependencies -- 6.2.2 Structuring our framework -- 6.3 Creating automated API checks -- 6.3.1 Automated check 1: A GET request -- 6.3.2 Automated check 2: A POST request -- 6.3.3 Automated check 3: Combining requests -- 6.3.4 Running your automated tests as integration tests -- 6.4 Utilizing automation in our strategy -- Summary -- 7 Establishing and implementing a testing strategy -- 7.1 Establishing a strategy for our context -- 7.1.1 Identifying what's a priority -- 7.1.2 Different strategies for different contexts -- 7.2 Turning a testing strategy into a testing plan -- 7.2.1 Understanding your context's testability -- 7.2.2 Organizing and documenting a plan -- 7.2.3 Executing and reflecting on a plan -- 7.2.4 Evolving our strategy -- Summary. Part 3 Expanding our test strategy -- 8 Advanced web API automation -- 8.1 Acceptance test-driven development -- 8.1.1 Setting up an automated acceptance testing framework -- 8.1.2 Creating our failing automated check -- 8.1.3 Getting our automated check to pass -- 8.1.4 Beware of traps -- 8.2 Web API mocking -- 8.2.1 Getting set up -- 8.2.2 Building our mocked check -- 8.3 Running as part of a pipeline -- 8.3.1 Integrated with codebase -- 8.3.2 Separate to codebase -- Summary -- 9 Contract testing -- 9.1 What contract testing is and how can it help -- 9.2 Setting up a contract testing framework -- 9.2.1 Introducing Pact -- 9.3 Building a consumer contract test -- 9.3.1 Adding Pact to our class -- 9.3.2 Building the consumer check -- 9.3.3 Setting up and publishing to a Pact Broker -- 9.4 Building a provider contract test -- 9.4.1 Building the provider contract test -- 9.4.2 Testing out a change -- 9.5 Contract testing as part of a testing strategy -- Summary -- 10 Performance testing -- 10.1 Planning a performance test -- 10.1.1 Types of performance tests -- 10.1.2 Types of measurements for performance tests -- 10.1.3 Establishing performance testing goals and key performance indicators (KPIs) -- 10.1.4 Creating user flows -- 10.2 Implementing a performance test -- 10.2.1 Setting our performance testing tool -- 10.2.2 Building our performance test script -- 10.3 Executing and measuring a performance test -- 10.3.1 Preparing and executing our performance test -- 10.3.2 Analyzing results -- 10.4 Setting performance testing expectations -- Summary -- 11 Security testing -- 11.1 Working with threat models -- 11.1.1 Creating a model -- 11.1.2 Discovering threats with STRIDE -- 11.1.3 Creating threat trees -- 11.1.4 Mitigating threats -- 11.2 Applying a security mindset to our testing -- 11.2.1 Security testing in testing API design sessions. 11.2.2 Exploratory security testing -- 11.2.3 Automation and security testing -- 11.3 Security testing as part of a strategy -- Summary -- 12 Testing in production -- 12.1 Planning out testing in production -- 12.1.1 What to track -- 12.1.2 Service-level objectives -- 12.1.3 Service-level agreements -- 12.1.4 Service-level indicators -- 12.1.5 What to save -- 12.2 Setting up testing in production -- 12.2.1 Setting up a Honeycomb account -- 12.2.2 Adding Honeycomb to APIs -- 12.2.3 Advanced querying -- 12.2.4 Building SLO triggers -- 12.3 Taking testing in production further -- 12.3.1 Testing with synthetic users -- 12.3.2 Testing hypotheses -- 12.4 Expanding your strategy by testing in production -- Summary -- Appendix A. Installing the sandbox API platform -- A.1 Setting up restful-booker-platform -- index -- inside back cover. Description based on print version record. Includes bibliographical references and index. Ensure your web APIs are consistent and bug-free by implementing an automated testing process. In Testing Web APIs you will: Design and implement a web API testing strategy Set up a test automation suite Learn contract testing with Pact Facilitate collaborative discussions to test web API designs Perform exploratory tests Experiment safely in a downloadable API sandbox environment Testing Web APIs teaches you to plan and implement the perfect testing strategy for your web APIs. In it, you'll explore dozens of different testing activities to help you develop a custom testing regime for your projects. This practical book demystifies abstract strategic concepts by applying them to common API testing scenarios, revealing how these complex ideas work in the real world. You'll learn to take a risk-driven approach to API testing, and build a strategy that goes beyond the basics of code and requirements coverage. Your whole team will soon be involved in ensuring quality! About the Technology Web APIs are the public face of your application, and they need to be perfect. Implementing an automated testing program is the best way to ensure that your web APIs are production ready. About the Book Testing Web APIs is a unique and practical guide, from the initial design of your testing suite through techniques for documentation, implementation, and delivery of consistently excellent APIs. You'll see a wide range of testing techniques, from exploratory to live testing of production code, and how to save time with automation using industry-standard tools. This book helps take the hassle out of API testing. What's Inside Design and implement a web API testing strategy Set up a test automation suite Contract testing with Pact Hands-on practice in the downloadable API sandbox About the Reader For dedicated software QA and testers, or experienced developers. Examples in Java. About the Author Mark Winteringham is the OpsBoss at Ministry of Testing, where he teaches many aspects of software testing. Quotes. Application program interfaces (Computer software) Testing. Web applications Testing. Gregory, Janet, writer of foreword. Crispin, Lisa, writer of foreword. ISBN 9781617299537 ISBN 1617299537 BOOK cr 9923197536202884 DE-83 KOBV c false