The general understanding of interface testing is nothing more than input URL, parameter value, click request to send, check whether the response value and response status code are normal.
But the real focus of interface testing is not worth these. Today I’ll tell you what needs to be paid attention to in interface testing.
In the actual project, after the back-end interface test is passed, the general front-end needs to be tested again. Readers may ask questions: if the back-end interface is tested again and the front-end is tested again, is it repeated? In fact, the two are not repeated. The difference is that the back-end interface test and the front-end function test have different focuses. The back-end interface test focuses on checking the data exchange, transfer and control management process. The front-end function test is more to test whether the functions provided to users are correct and available. Although the key points of various tests are different, they also have the same parts. Take function test, business logic test, performance test and security test for example
1、 Interface function concerns
Function test: since the ultimate goal of the test is whether the business functions are correct and stable, whether it is the front-end function policy for users or the back-end interface test, function guarantee is the basic requirement, and it is also the highest overlap between the back-end test and the front-end test.
1. Whether the function of the interface is realized correctly
2. Whether the interface is implemented according to the design document (for example, if the user name parameter is written as name, then this is not consistent, because the interface document needs to be used in the whole development, so the actual design of the interface should be consistent with that in the interface design document)
3. Compatibility test: for example, today’s interface has been adjusted, but the front end has not been changed. At this time, it is necessary to verify whether the new interface meets the old calling mode
4. Error code test: whether the general error code and business error code can clearly explain the call problem, and whether the error code can cover all situations as far as possible
5. Return value test: in addition to the correct content, the return value also needs to be of the correct type to ensure that the caller can correctly parse these parameters
6. Default value test: in many cases, some non mandatory parameters will have default values. For example, for a query interface, the parameter count is the number of returned query results, and the default value is 10. Then there should be a case to test. Of course, the precondition is that there must be more than 10 such data in the database.
2、 Interface business logic test
1. Whether there are dependent businesses, such as checking orders, requires users to log in first, so be sure to log in or have corresponding cookies
2. Business logic test: pass the correct parameters, the interface to query the database, need to verify whether the database query is correct, the interface to add, delete and modify the database, also need to see whether the database is synchronized with these operations
3、 Interface performance test
1. Interface response time
2. Throughput of the server corresponding to the interface
3. Number of concurrent interfaces
4. Server import and export bandwidth
4、 Interface security test
1. Whether the sensitive information in the interface is encrypted
2. Whether the necessary parameters are also checked at the back end (at present, the front end and back end architectures of many systems are separated. From the security level, only relying on the front end for restriction can not meet the security requirements of the system (it is too easy to bypass the front end). The back end is also required to control. In this case, it needs to be verified at the interface level)
3. Whether the interface prevents malicious requests (SQL injection)
4. Cookie: modify or delete the cookie in the header to see if it can return the corresponding error code
5. Header: delete or modify the values of some parameters in the header to see if the corresponding error code can be returned
6. Unique identification code: delete and modify the unique identification code test
5、 Interface testing tools
apipostIt can test the function and business logic of the interface. In addition, it has powerful interface document generation function。
Powerful interface performance testing function of JMeter