Elevating API Testing with RESTAssured

What is called REST API?

A Rest API is a web-based API that follows the principles of REST architectural style. They provide a way for different software systems to communicate with each other via the Internet and allow developers to create robust and adaptable applications from the resources and functionalities of different services and platforms.

Major characteristics of the REST API

  1. Stateless: The Server does not store any content and requests that allow scalability and reliability. The main responsibility of the client is to pass its context to the server, and then the server can store this context to process the client's further request.
  2. Resources: The core concept of the REST API is Resources. It represents an entity, object, or method, such as a collection of users. Each resource is addressable by URL.
  3. HTTP Verbs: There are some standard HPPT methods such as GET, POST, PUT, PATCH, DELETE, etc.
  4. Representations: Resources can have multiple representations such as JSON, HTML, XML or Plain Text.

Client Server

API Testing Terms:

There are some API Testing terminologies that I will explain to you.

  1. Headers
  2. Path Parameters
  3. Query Parameters
  4. Payload
  5. Base URL
  6. Endpoint

Headers: Here, we need to pass a key-value pair or as a key with multi-values. We can use headers to pass the Authorization.

Header Authorization

Path Parameters: It is used to append the parameters to the URL and specify with the curly braces.

Path Parameters

Query Parameters: Using the Query params, we can identify the specific contents from the server. It will get the response for the specific contents by adding ‘?’ at the end of the URL. If you want to send multiple parameters, then you need to add ‘&’ at the end of the URL and the key-value.

Query Parameters

Payload: It sends the data to the server while using POST, PATCH, and PUT request. We need to pass that information in the Body parameters using a Key-value pair as a JSON, Text, JavaScript, XML, or HTML.

payload

Base URL & Endpoints: It is a base address for the specific API. If we want to retrieve specific contents from the resources, then we need to pass endpoints at the end of the URL

Automate GET, POST, PUT, PATCH, & DELETE HTTP requests

There are BDD Patterns that have given when and then statements:

given(): Here, we are sending Base URL, Headers, Path parameters, Content type, and request body.

when(): Here, we have to mentions which HTTP requests to hit: GET, POST, PUT, PATCH, or DELETE

then(): Here, we are validating the response code, response body, response messages, and response headers.

Automate GET request

Here is a script for fetching all the booking IDs, extracting responses, and printing using GET requests.

Automate Get Request

Automate POST request

Post request is basically used for adding records. Here, we get an auth token in the response by using this request. An auth token is used to authorize the user to access the resource.

Automate Post Request

Automate PUT request

PUT request is used for updating the records. Here, we need to pass Payload as a string to the body to update firstname and lastname.

Automate Put Request

Automate PATCH request

Patch request is used to update the records partially instead of updating entire records. Here we are updating firstname & lastname and validating the status code as 200.

Automate Patch Request

Automate DELETE request

When we delete any records, we need to pass the ID parameter to identify a particular record. For the first time, when you hit the request, the status code will be '201'. If you hit the same request again, the status code will be '405' as 'Method not allowed.

Automate Delete Request

Conclusion

RESTAssured allows developers and testers to create and manage automated API tests easily. We can run any API test cases by updating a JSON file and running the test cases. Also, we can use some advanced things in the dynamic JSON payloads using Matchers like 'equalTo', 'containsString', 'hasItem', etc. We can ignore specific fields by using the 'without' method.

About Author

Pratik ChauhanPratik Chauhan, a seasoned QA Executive, embarked on an exciting journey of professional growth in 2020, and his passion for learning and innovation has been the driving force behind their remarkable career.

Beyond working in a software testing company, Pratik possesses diverse interests in the world of music and loves to grab the opportunity to explore new destinations and cultures through travel.