Assertions in ReadyAPI

HOME

What is an Assertion?

An assertion is used to test a logical expression. An assertion is true if the logical expression that is being tested is true and there are no bugs in the program. It can also be interpreted as a checkpoint or a validation point.

There are various types of assertions available in ReadyAPI. They are:-

  1. Property Content
  2. Compliance, Status and Standards
  3. Script
  4. SLA
  5. JMS Response
  6. Security

Example 1 – SLA Assertion

Let’s create an assertion that will check if the tested web service responds within a predefined time limit:

In Functional Tests, select POST Request in the Navigator panel and click Add Assertion:

In the dialog, select the SLA category on the left and then Response SLA on the right, and click Add

Let’s use 3000 milliseconds as the maximum allowed response time for our request. Enter 3000 and click the OK button.

Now, if the request takes longer than the specified number of milliseconds to complete, the assertion will trigger, and the test will fail. If the execution time is less than or equal to the specified value, the check will pass.

Run the request and see the SLA Response. This image shows that Response SLA Assertion is passed.

Example 2 – Check Response Contents

Now let’s see how you can verify response data. The sample response body has the JSON data format, so we will create an assertion for JSON data.

Make sure the request has a response.

In the subsequent dialog, select the Property Content category on the left and the JsonPath Match assertion on the right and click Add:

In the dialog, you need to enter a JSONPath expression that will extract some field from the response body and the expected value of this field:

Select the node on the toolbar and pick a value visually in the subsequent dialog. Let’s do this. Click the highlighted icon and select the name field of the first array item in the following dialog and click the OK button:

The JSONPath Expression field now contains the selector, and Expected Result contains the value extracted from the current response data:

Click the Save button to store the changes.

Since we have response data, the assertion will be applied immediately, and you will see its results on the Assertions page:

Example 3 – Check CONTAINS Assertion

In the subsequent dialog, select the Property Content category on the left and the JsonPath Match assertion on the right and click Add:

In the Contains Assertion dialog, I have mentioned “success” in Content which is present in the response body.

This image shows that the Contains Assertion is passed.

Now, let us add another Contains Assertion which does not contain the response body. In this case, the Assertion fails.

Example 4 – Smart Assertion

The Smart Assertion checks both the message content and the metadata such as headers, status codes, and parameters in accordance with the predefined set of rules.

To use this assertion, you need a ReadyAPI Test Pro license.

Send the request at least once so that ReadyAPI has a response to base the assertion on.

Received Data – The assertion will verify the payload of the request.

  • Received Metadata – The assertion will verify the metadata of the request; depending on the protocol, those can include headers, the HTTP status code, or Kafka partition and key values.

As I know, the Id value is dynamic for each response. So, I have unchecked that option.

The below image shows that the Smart Assertion is successful.

Now, let us add the id to the Smart Assertion.

This image shows that Smart Assertion is failing now.

We are done! Congratulations on making it through this tutorial and hope you found it useful! Happy Learning!!

How to create Functional Tests in ReadyAPI

HOME

ReadyAPI can be used to perform functional tests of SOAP, RESTful, GraphQL, Kafka, JMS or other API or web services. ReadyAPI functional tests verify that an API or a web service follows the required business logic.

This tutorial provides a detailed description of steps to be followed for creating a Functional Test

  1. Create a Functional Test.
  2. Run the Functional Test
  3. Test Result of a Functional Test
  4. Test Report Generation
  5. Sample Test Report

Create a Functional Test

Step 1 – Open the start page, click Create Functional Test 

Step 2 – Select Endpoint option in this dialog.

Step 3 – In the subsequent wizard, specify the method, URL of the web service’s definition. Then select the Next Button.

Endpoint – http://dummy.restapiexample.com/api/v1/employee/1

Step 4 – Select if you want to create a new project for the definition you have added, or add it to the existing project. Click the Next button to continue.

Step 5 – On this page of the wizard, you can select assertions to be added to the test. ReadyAPI adds the selected assertions to new test requests.

Assertions verify that your API works as expected. Select the selection and click the Next button.

Run the Functional Test

Step 6 – ReadyAPI will create a test project and add test cases to it. After that, it will display one more dialog box, where you can run the created tests or add a data source to them. Assume you don’t want to add a data source, so can run the tests by clicking the “Run” option.

Step 7 – This screen shows that a new project is created and a new functional test as shown in the image is created.

Step 8 – To run an individual request test step, select it in the Navigator panel on the left, and then click  Green arrow on the main toolbar or click on Send button on the request editor toolbar.

Test Result of a Functional Test

Step 9 – Image of a failed test result. When the test fails, the Request color as shown in the image will be red.

Step 10 – When the test is passed, the Request icon shown in the image will be green.

Step 11 – The Assertions panel lists the assertions you added to a test step or operation. Here, you can add and modify the assertions.

Test Report Generation

Step 12 – To open the Create Report dialog, click Report in functional tests at any level. Here, I have clicked on the Test Case – (http://dummy//rest..) and a Report tab is displayed.

Step 13 – The Create Report dialog configuration varies depending on the report type you select. You can create project reports only on the level of the Functional test in the Navigator. After selecting the required options, click on the OK button. This generates a Test Report as shown in the below image.

Sample Test Report

Congratulations!! We are able to create, run a Functional Test as well as able to generate the Test Report.

How to create Security Test from Functional test in ReadyAPI

HOME

The previous tutorial has explained the creation of a new Security Test. This tutorial explains the process to create a Security test from the existing Functional Test.

Steps to be followed to create a security test from a functional test case:

  1. Create the Security Test from Functional Test
  2. Run the Security Test
  3. Analyse Security Test Results
  4. Generation of Security Test Report
  5. Sample Test Report
  6. Analyse Security Test Report

Create the Security Test from Functional Test

Step 1 – Right-click the test case present under Functional Tests in the Navigator and select Create Security Test.

Step 2 – Click Select Test Target. Select the test case you want to apply the security scan to. All the applicable scans are selected by default

Leave the scans you want to have in your test checked and uncheck the other scans.

There is a list of Scans, you can select either one scan or multiple scans. I have selected all the scans.

  1. Boundary Scan
  2. Cross Site Scripting
  3. Fuzzing Scan
  4. Invalid Types
  5. SQL Injection
  6. XPath Injection
  7. HTTP Method Fuzzing
  8. Sensitive Files Exposure
  9. Weak Authentication

Click the OK button.

Step 3 – This screen shows all the scans added to the Security Test.

Run the Security Test

Step 4 – Click the Green arrow “Run” to start the test.

Step 5 – ReadyAPI will start sending modified requests and checking responses.

Step 6 – The security test window shows the progress of each test step and matching security scans. This screen shows all the configurations of Cross Site Scripting. Similarly, all the scans have their own in-built configurations.

Analyse Security Test Results

Step 7 – The Transaction Log shows additional information about security scans.

Step 8 – The details of a particular request or response are available in the inspector.

The Setup pane contains the detail about the configuration used for the tests.

Generation of Security Test Report

Step 9 – After the security test run finishes, click View Summary Report:

Step 10 – In the dialog that appears, click View Full Report.

Step 11 – After that, ReadyAPI will open the report in the default PDF viewer.

Sample Test Report

Analyse Security Test Report

 Step 12 – Example of HTTP Method Fuzzing

Example of Cross Site Scripting

Congratulations!! We have successfully created the Security Test from the Functional Test. We are also run the test and generated the Security Test Report also. That’s a great accomplishment.

How to create Security Tests in ReadyAPI

HOME

Security tests in ReadyAPI include various types of security scans. Each of them detects a specific vulnerability. With multiple security scans in one test, you guarantee your service is well-protected against possible attacks.

This tutorial explains the steps to create the Security tests in ReadyAPI.

To know how to install ReadyAPI, refer to the installation tutorial.

A version of ReadyAPI used for this tutorial- 3.20.0

This tutorial explains the below steps:-

  1. Create a Security Test
  2. Run the Security Test
  3. Analyse Security Test Results
  4. Generation of Security Test Report
  5. Sample Test Report
  6. Analyse Security Test Report

Create a Security Test

Step 1 – Select File ->New Security Test.

Step 2 – Select the URL option.

Step 3 – Enter the following URL and click the Next button:

URL – http://dummy.restapiexample.com/api/v1/employee/1

Step 4 – Select the scans you need and click the Finish button.

Another thing to keep in mind is to select whether you want to create a new project or add the test to an existing project. Here, I’m creating a new project.

There is a list of Scans, you can select either one scan or multiple scans. I have selected all the scans.

  1. Boundary Scan
  2. Cross Site Scripting
  3. Fuzzing Scan
  4. Invalid Types
  5. SQL Injection
  6. XPath Injection
  7. HTTP Method Fuzzing
  8. Sensitive Files Exposure
  9. Weak Authentication

Run the Security Tests

Step 5 – We have created a security test. ReadyAPI will offer you to run the security test immediately or edit it before running. We do not need to configure anything, so select the Run Security Test option.

If you want to edit the test before running it, then select the Edit Security Test option.

Step 6 – ReadyAPI will start sending modified requests and checking responses. 

The security test window shows the progress of each test step and matching security scans:

The Summary pane contains a short overview of the currently running security test.

Step 7 – After the security test run finishes, click View Summary Report:

Analyse Security Test Results

Step 8 – The Transaction Log shows additional information about security scans.

Step 9 – The details of a particular request or response are available in the inspector.

Generation of Security Test Report

Step 10 – In the dialog that appears, click View Full Report:

After that, ReadyAPI will open the report in the default PDF viewer.

This Summary Report shows there was a total of 258 scans and 28 issues are found. Out of 28 issues, 17 issues were Sensitive Files Exposure, and 11 issues are HTTP Method Fuzzing.

Sample Test Report

Analyse Security Test Report

Step 12 – Sensitive Files Exposure

Example of HTTP Method Fuzzing

Congratulations!! We have successfully created a Security test, run it as well as generating the Test Report, and analyzed the result too. Cheers!!!

ReadyAPI Tutorials

HOME

ReadyAPI is an easy-to-use no-code API Testing platform designed to streamline your testing workflows. Automate and scale your end-to-end tests across multiple API types. Run compatible load tests against your functional tests. Enable virtualization to ensure fast and reliable integrations for your development teams.

Chapter 1 How to install ReadyAPI
Chapter 2 How to create Security Tests in ReadyAPI
Chapter 3 How to create Security Test from Functional test in ReadyAPI
Chapter 4 How to create Functional Tests in ReadyAPI
Chapter 5 How to create Functional Tests in ReadyAPI
Chapter 6 Assertions in ReadyAPI