Shulou(Shulou.com)05/31 Report--

This article mainly explains "how to use python for interface testing". The content of the article is simple and clear, and it is easy to learn and understand. Please follow the editor's ideas to study and learn "how to use python for interface testing".

Interface testing pit

The first pit:

POST and GET----GET are generally used to obtain / query resource information, while POST is generally used to update resource information | Get is a request to the server for data, while Post is a request to submit data to the server.

Anyone who has done interface testing or front-end knows that the access mode of the interface is inconsistent, so postman is used for interface testing, because it can set post and get methods. Using python to simulate these two access methods is a top priority. Let's start with the GET way. The GET method is relatively simple. Put the interface into the browser address bar and click enter to complete a GET. So you need to use python to access URL to simulate a GET test.

Import urllib2 url_save = 'http://www.baidu.com/' try: s_save = urllib2.urlopen (url_save). Read () print s_save except urllib2.HTTPError, e: print e.code except urllib2.URLError, e: print str (e)

As shown above, a GET request is completed, the urllib2 library is called, a URL in the form of a string is passed to the urllib2.urlopen function, and the data returned by GET is stored using the read () method.

And then talk about POST. In fact, there are several other optional input parameters for the urlopen function we just used in python's urllib2 library, because these input parameters are given initialization values:

Def urlopen (url, data=None, timeout=socket._GLOBAL_DEFAULT_TIMEOUT, cafile=None, capath=None, cadefault=False, context=None):

As in the code above, the urllib library has a very intelligent problem. Data does not give a value, the access method is that GET,data gives a value, and the method becomes POST;, so the code that simulates POST mode is as follows:

Import urllib import urllib2 url = 'http://www.example.com' # values form: name:valuevalues = {' * *':'* *','* *':'* *','* *':'* *':'* *'} # use the urllib.urlencode function to process the values dictionary The final form is: * * = * & * data = urllib.urlencode (values) # if the data order is required, it is recommended to splice datareq = urllib2.Request (url, data) response = urllib2.urlopen (req) the_page = response.read ()

Just like the code above, write the data needed in POST mode into the data parameter, and the POST mode is simulated successfully.

The second pit: the use of cookie

The library needed to get cookie with python is called cookielib. Example of getting cookie:

# there are four kinds of CookieJar CookieJar is the original cookie_use = cookielib.CookieJar () handler = urllib2.HTTPCookieProcessor (cookie_use) # create an opener opener = urllib2.build_opener (handler) using handler bound with CookieJar # install opener into urllib2 urllib2.install_opener (opener) # use installed urllib2 to visit a website to get cookie urllib2.urlopen ('https://....../login') # at this time cookie has been obtained by CookieJar print cookie_use

In the next step, bind the acquired cookie to the opener header:

Bind the acquired cookie to opener. The cookie obtained in the previous step does not meet the following format. You need to slice and concatenate the string''opener.addheaders.append ((' Cookie', 'name=***&888=888')) by yourself.

Now opener can be used to visit any website that needs to be logged in!

Function: function implementation, implementation consistent with design, interface passing test

Robustness: boundary value, fault tolerance

Performance: concurrency and stress testing

Stability: stability of long-term operation

Security: SQL injection, session dependency, digital signature, security of http interface

Interface Typ

Common types of interfaces:

Http/Https interface: transfer interface data through http/https protocol (usually by string / binary), such as common web page forms, https is more secure

RESTful Api: REST is used to express state transmission. A design style, based on http/https protocol, regards all interfaces as resources, interfaces should be divided into versions, managed under a unified domain name, and different methods (get/post..) Do different things, usually using json format for requests and responses

Web Service: SOAP simple object-oriented protocol, a RPC scheme based on http. The interface returns some objects, which can be directly manipulated to achieve the business processing we need. Transfer data using xml format

RPC interface: RPC is a remote method call, there are different implementation schemes, all based on TCP/Http protocol. RPC can be used like our local import and invocation objects. Dubbo interface is also a kind of RPC interface.

Common interface data types:

Request data type (Content-Type): application/x-www-form-urlencoded: regular text-only web page form application/json: RESTful Api commonly used format, clear structure, with multi-layer nested multipart/form-data: mixed data form text/xml: xml format with both text, uploaded file or rich text box, and common format for RPC interface

Response data type string/html: return string or web page source code json: RESTful Api common response format, clear structure xml: RPC API common format

Common interface security verification methods:

Auth_1.0/Auth_2.0: universal interface authorization method

Session dependency: you need to log in before you can perform interface operations.

Token authentication: first, you need to use your own appid/appsecret to obtain a token (token with a certain validity period) by obtaining the token interface authentication identity, and then access the interface with token.

Digital signature: combine the original parameters according to certain rules, cooperate with timestamp or appsecret, generate a signature sign through encryption algorithm, and carry the signature for API request.

Common API request methods:

GET: get resources

POST: modifying resources

PUT: upload resources

DELETE: deleting resources

HEAD: request only the header of the page

PATCH: patch

OPTIONS: run the client to view server performance

.

Common status codes (RESTful specification):

200Series: 200 OK successfully-[GET]: resource acquired successfully 201 CREATED-[POST/PUT/PATCH]: created / modified 202Accepted-[*]: task accepted 204NO CONTENT-[DELETE]: deleted successfully

Series: redirect 301 Moved Permanently: permanent redirection 302 Found: temporary redirection

400: resource error 400 INVALID REQUEST-[POST/PUT/PATCH]: user request error 401 Unauthorized-[*]: no permission (authentication failed, interface layer) 403 Forbidden-[*] Resource access prohibited (server layer, no access permission) 404 NOT FOUND-[*]: resource does not exist 405 Method Not Allowd: access method is not allowed For example, using POST to access the interface 406 Not Acceptable that only supports GET requests-[GET]: the format of user requests is not available (for example, the format of user requests JSON But only XML format) 410 Gone-[GET]: resource is permanently deleted 422 Unprocesable entity-[POST/PUT/PATCH] validation error occurs while creating object

500 Series: server internal error (interface crash or Bug) 500 INTERNAL SERVER ERROR-[*]: server error

Interface service type:

Return data interface: only read data from the database

Business operational interface: database needs to be written (interface testing needs to involve parameterization or environment cleaning)

Quick start interface test

Get the interface document:

Wiki

Word document

Postman export

Abstract interface definition

Interface management platform

Interface document analysis

Functional analysis: whether it can meet the business (whether it lacks the parameters required by a certain front-end), and whether it can meet all business scenarios (whether there are missing development interfaces, such as only developing single-product interfaces, not developing package interfaces)

Design analysis: whether there are non-standard fields (e.g., nickname, passwd); non-standard formats (e.g. sex, male and female instead of 1Magazine 2); confusing fields (e.g. amount and total); misspelling of words; and whether there are different names corresponding to database fields (error prone)

Interface analysis: protocol type (http should consider security); request method (specification or not); request encoding format (form / Json/xml, many interface documents are not declared, resulting in test debugging failure); interface authorization method; interface business type (related to whether parameterization or environment cleaning is required); return value type and structure (related to how to assert)

Interface dependency: what environmental preparation and business scenarios are required, which interfaces are dependent, what dynamic data are available, and how can the preparatory environment be guaranteed?

Parameter analysis: parameter types of each parameter, composition rules, whether not to pass, whether it can be empty, whether multiple parameters are allowed.

Business analysis: for example, the price field must be consistent with the price field of the item in the database before it can be verified.

Non-functional: whether the technical implementation scheme of the interface is reasonable, whether it can meet the performance requirements of high concurrency, whether the processing of boundary value / limit value is appropriate, whether there is data format check at the front and back end, etc. (such as an order number generator with an accuracy of seconds, under high concurrency, it will lead to the problem of generating the same order number)

Others: such as anti-crawling, some restrictions and checks on headers, ip, etc.

Write interface use cases

Excel/TestLink/ Zen

Single interface use case: normal data / boundary data / exception data (robustness) / concurrency (consistency) / performance / security (packet capture forgery / SQL injection / cross-domain request)

Scenario use case: list common user scenarios, cover them with interfaces, and stress test business scenarios (looking for performance bottlenecks in a link)

Perform interface test

Postman: function debugging

Jmeter: performanc

Thank you for your reading. the above is the content of "how to use python for interface testing". After the study of this article, I believe you have a deeper understanding of how to use python for interface testing, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.