Rest Assured Part -2

Can you show how we can use basic authentication in rest assured?

How to test REST API that requires digest authentication

Ans : To test the digest auth in Rest Assured, we will first have to set up a digest authentication schema in the code

 AuthenticationScheme authSchema = new PreemptiveDigestAuthScheme();

Then configure Rest Assured to use that schema

RestAssured.authentication = authSchema;

After that you can send the request to the server and then apply the required assertions on response.

Full code is show below

How will you write a simple Rest Assured testcase that validates sample json response?

Ans : It is simple – after importing the dependencies, you just have to make a request to the API endpoint and once you get the response, use jsonPath to supply the path to the value that you want to assert.

Let’s see this code below

API returns a simple integer array [1, 2, 3], how to test such a response using Rest Assured?

Ans: This can be done in this way – if you want to individually assert the values

An API returns a list of books. Now you have to validate that there are books which have prices less than 100 from the response?

Ans: We can do that by filtering the response in the jsonpath expression using findAll.

Lets say that the response contains a key price that shows the price of the books

How to pass multiple headers in the Rest Assured an easier way?

Ans : Ok. So you can pass the params as a hashmap and then use it in your headers

How to set Path Params in an API call using Rest Assured.

Ans: This can be done using pathParam() method in Rest Assured

How to test against an expected Status Code?

Ans:

How to extract API responses after validation?

Ans : The best way is to use jsonPath – and give the path of the element – like shown in this code

How will you extract custom node from Json response using JsonPath?

Ans: If there is a custom node, you can give the direct path to it as shown in the above code.

How to set cookies in API calls using Rest Assured?

Ans: This can. be done using the cookies() method in Rest Assured

For multiple cookies, you can create a map and then send it in the headers

How to verify cookie, status, headers & content-type in API response

Ans:

How to measure and validate API response time?

Ans:

How to test REST API that has CSRF enabled

Ans: CSRF or Cross Site Request Forgery is a attacking technique that the hackers use to get information through the network. You can read more about CSRF attacks here.

For protection against these attacks, there are CSRF token generated from the server that identify a real user from an attacker.

First step in this scenario , if you want to test a rest api with csrf token is that, you make a request to get the CSRF token.
Then use the token as a header – in most scenarios with CSRF protection, there will be a X-CSRF-Token or X-XSRF-Token header, where you need to pass the value obtained from Step 1 .

A sample code would look like this

Have you ever used Oauth 2.0 Authentication in API’s? How can I use that in rest assured?

Ans: Here the basic thing that interviewer wanted was to check if you know a bit or two about Oauth 2.0. OAuth 2.0 provides various methods to generate access tokens – one of them is using the Client ID and Client credentials . Since I’ve only worked using this technique , so I replied to this answer using this technique only.

Below is the sample code

If I’m sending a binary file in the API’s what’s the content type going to be? And can you show me how I can send a file in rest assured?

Ans: The Content type should be multipart/form-data but there are other content type also like for text it can be text/html or text/plain etc, and it can be different for others like image. But in Rest Assured, I’ve use the multipart/form-data for the API calls, so that can be used here

Sample code

How to handle object mapping to json – serialisation and deserialiation concept in Rest API’s?

Ans: I’ve written a detailed post on this – please refer to this.

Let’s say there are 10 API’s that you’ve to automate. Your API’s require 3 custom headers that has to be passed in each API. How can you implement this to minimize the code that has to be used with each call?

Ans: This can be done using the RequestSpecification class in Rest Assured. You create a request specification with the custom headers and then in spec() you can pass this specification, any number of times.

Not only headers, which ever things are common between multiple API’s can be put in this way.

I have a session cookie when I log into my account. How can I use that cookie in subsequent API calls?

Ans: You can fetch the cookies in the API call and then pass it on to the subsequent API calls.

How will you log network requests – params, body, headers, cookies, etc in API call via rest assured?

Ans: This can be done via the log().all() feature in Rest Assured I think. Not sure about the cookies but the other fields like headers, body, params etc gets logged using this method.

I have a POST API call. Now I want to print the response but only if an error occurs. How can I do it?

Ans: This can be done using the log().ifError() method in the call chaining.

In this code, there is a POST API call that is made – now as you can see there is a log().ifError() method chained to the method chaining. This means that the response will only be logged if there is an error – otherwise no response will be printed.