A case-study using: Java, REST Assured, Postman, Tracks, Curl and HTTP Proxies
This is the first book review I have written on my site. So of course I had to choose a great book that was relevant to my niche. Alan Richardson’s book on Automating & Testing a REST API fits the bill perfectly.
I am a big fan of Alan’s work. The first online video course that I took was Alan’s Selenium 2 course on Udemy. I was blown away by the depth of that course and how much I learnt from it. In fact it was this course that actually got me into automation!
On to the book itself then. If you are only starting out learning how to automate REST API’s this is a great book for you. But if you have a bit of experience already in this area, I think you will find this book as beneficial, if not more so.
In the book, Alan walks through his entire process when automating a new application. It starts out with a detailed account of how he does exploratory testing of the application. Also reading the API documentation, and identifying gaps in it. I know Alan is a big fan of documentation!
After the initial exploratory testing, there is an in-depth section on using a proxy to create test data. I found this explanation of “fuzzing” (capturing a HTTP request and modifying it slightly to create multiple different calls) very useful.
Alan also demonstrates how he uses cURL for some initial API testing. The commands that are shown in this section form the basis for the actual automation seen later.
We also see how to use Postman, with some nice tips and tricks included such as using environment variables and using Postman through a proxy.
We then start writing actual automation code. Firstly code that will create more test data for us. Then code that actually automates the behaviors identified from the exploratory testing and reading the documentation. Alan explains his process of building an automation framework, with excellent examples of how he abstracts the code and continuously refactors.
One of my favorite sections of the book is “App as API”. This is a term coined by Alan to mean treating the application as an API. This essentially means automating what the GUI does, but without actually using the GUI. So instead of using Selenium for example, we automate everything “behind the scenes” (the API calls).
Alan uses a lot of REST- assured in his framework. But not in the way that REST-assured is typically used. He makes this all very clear in the book, and it’s very interesting to see how he leverages it in non-traditional ways.
Other highlights of the book include:
- Detailed examples of installing the application under test. Including how to do that with a virtual machine.
- GitHub repository with all the source code for the book.
- Accompanying videos that explain some of the concepts in greater depth.
This is a fabulous book on how to do Automated API Testing properly. I highly recommend you check it out if you have any interest in this area.
One slight drawback is that all the examples are XML based, as that is what the AUT uses. It would have been nice to have some JSON examples. But that would have meant using another application, and the application that Alan has chosen lends itself very well to this sort of case study. Update 02/2018 – Alan has since updated his book to include JSON content!
The accompanying videos for the book are a nice touch. I would actually like to see these expanded upon, possibly into an entire video course. As someone who loves learning from video courses, I would say that! But there is more than enough material here for a comprehensive course in my opinion.
No matter your experience level, if you have an interest in API testing, buy this book. Alan is a master of his craft and you will learn a lot from him. If you don’t have an interest in API testing, you probably won’t get much from this book, but you knew that already, right?