August 27, 2010

API Testing Steps

1.Identify the initial condition:
The testing of an API would depend largely on the environment in which it is to be tested. Hence initial condition plays a very vital role in understanding and verifying the behavior of the API under test. The initial conditions for testing APIs can be classified as
  • Mandatory pre-setters.
  • Behavioral pre-setters.

Mandatory Pre-setters
The execution of an API would require some minimal state, environment. These type of initial conditions are classified under the mandatory initialization (Mandatory pre-setters) for the API. For example, a non-static member function API requires an object to be created before it could be called. This is an essential activity required for invoking the API.
Behavioral pre-setters
To test the specific behavior of the API, some additional environmental state is required. These types of initial conditions are called the behavioral pre-setters category of Initial condition. These are optional conditions required by the API and need to be set before invoking the API under test thus influencing its behavior. Since these influence the behavior of the API under test, they are considered as additional inputs other than the parameters
Thus to test any API, the environment required should also be clearly understood and set up. Without these criteria, API under test might not function as required and leave the tester’s job undone.
2.Input/Parameter Selection: The list of valid input parameters need to be identified to verify that the interface actually performs the tasks that it was designed for. While there is no method that ensures this behavior will be tested completely, using inputs that return quantifiable and verifiable results is the next best thing. The different possible input values (valid and invalid) need to be identified and selected for testing. The techniques like the boundary values analysis and equivalence-partitioning need to be used while trying to consider the input parameter values. The boundary values or the limits that would lead to errors or exceptions need to be identified. It would also be helpful if the data structures and other components that use these data structures apart from the API are analyzed. The data structure can be loaded by using the other components and the API can be tested while the other component is accessing these data structures. Verify that all other dependent components functionality are not affected while the API accesses and manipulates the data structures
The availability of the source code to the testers would help in analyzing the various inputs values that could be possible for testing the API. It would also help in understanding the various paths which could be tested. Therefore, not only are testers required to understand the calls, but also all the constants and data types used by the interface.
3. Identify the combination of parameters: Parameter combinations are extremely important for exercising stored data and computation. In API calls, two independently valid values might cause a fault when used together which might not have occurred with the other combinational values. Therefore, a routine called with two parameters requires selection of values for one based on the value chosen for the other. Often the response of a routine to certain data combinations is incorrectly programmed due to the underlying complex logic.
The API needs to be tested taking into consideration the combination of different parameter. The number of possible combinations of parameters for each call is typically large. For a given set of parameters, if only the boundary values have been selected, the number of combinations, while relatively diminished, may still be prohibitively large. For example, consider an API which takes three parameters as input. The various combinations of different values for the input values and their combinations needs to be identified.
Parameter combination is further complicated by the function overloading capabilities of many modern programming languages. It is important to isolate the differences between such functions and take into account that their use is context driven. The APIs can also be tested to check that there are no memory leaks after they are called. This can be verified by continuously calling the API and observing the memory utilization.
4.Call Sequencing: When combinations of possible arguments to each individual call are unmanageable, the number of possible call sequences is infinite. Parameter selection and combination issues further complicate the problem call-sequencing problem. Faults caused by improper call sequences tend to give rise to some of the most dangerous problems in software. Most security vulnerabilities are caused by the execution of some such seemingly improbable sequences.
5.Observe the output: The outcome of an execution of an API depends upon the behavior of that API, the test condition and the environment. The outcome of an API can be at different ways i.e., some could generally return certain data or status but for some of the API's, it might not return or shall be just waiting for a period of time, triggering another event, modifying certain resource and so on.
The tester should be aware of the output that needs to be expected for the API under test. The outputs returned for various input values like valid/invalid, boundary values etc needs to be observed and analyzed to validate if they are as per the functionality. All the error codes returned and exceptions returned for all the input combinations should be evaluated.

About the Author


Author & Editor

Has laoreet percipitur ad. Vide interesset in mei, no his legimus verterem. Et nostrum imperdiet appellantur usu, mnesarchum referrentur id vim.

Post a Comment

Iwebslog Blog © 2015 - Designed by