Skip to content

RESTest Overview

Jump to bottom
José Luis García Marín edited this page Jul 20, 2023 · 8 revisions

In this page, we will dive into the fascinating world of RESTest, a powerful tool for testing and evaluating RESTful APIs in a simple and effective way. If you work with APIs and want to ensure their proper functioning, you've come to the right place!

What is RESTest?

RESTest is a comprehensive framework designed for automated black-box testing of RESTful web APIs. Its primary function is to test and validate APIs by generating and executing test cases based on the OpenAPI Specification (OAS) format. The tool incorporates state-of-the-art testing techniques, including fuzzing, adaptive random testing, and constraint-based testing, to ensure thorough API evaluation.

Key features of RESTest:

  1. Input Specification: RESTest takes the API specification in the OAS format as its input. This specification provides a detailed description of the API's endpoints, request and response formats, supported methods, etc.

  2. Test Case Generation: RESTest utilizes various advanced techniques like fuzzing, adaptive random testing, and constraint-based testing to generate test cases. These techniques ensure that a wide range of scenarios is covered, allowing for robust API testing.

  3. Custom Test Data Generation: For generating input data for the test cases, RESTest relies on custom test data generators. These generators automatically produce realistic data, such as email addresses, language codes, or strings that match regular expressions.

  4. Integration with Frameworks and Libraries: The test cases generated by RESTest can be seamlessly integrated into popular frameworks and libraries like REST Assured and Postman. This integration makes it easy to execute the test cases within familiar testing environments.

  5. Offline and Online Testing: RESTest provides flexibility in test case execution. It supports both offline testing (test case generation and execution performed separately) and online testing (test case generation and execution interleaved). This allows for different testing approaches based on specific requirements.

  6. Graphical Test Reports: RESTest automatically generates graphical test reports using the Allure framework. These reports provide clear insights into the test results, making it easier to interpret and analyze the testing outcomes.

  7. Extensibility: RESTest is an open-source tool, and it can be easily extended with new test case generation strategies, test data generators, and test writers. This extensibility allows developers to tailor the tool to suit their specific testing needs.

If you decide to use RESTest for testing your RESTful APIs, you can benefit from its advanced capabilities, flexibility, and support for various testing approaches. Whether you are conducting offline or online testing, RESTest can help you ensure the reliability and correctness of your API endpoints. Additionally, its integration with other testing frameworks simplifies the adoption and execution of test cases, further streamlining the testing process.

How does it work?

The figure below shows how RESTest works:

Architecture

  1. Test model generation: RESTest takes as input the OAS specification of the API under test, considered the system model. A test model is automatically generated from the system model including test-specific configuration data. The default test model can be manually enriched with fine-grained configuration details such as test data generation settings.

  2. Abstract test case generation: The system and the test models drive the generation of abstract test cases following user-defined test case generation strategies such as random testing. If the API under test contains inter-parameter dependencies, then constraint-based testing can be applied, specifying the dependencies in the OAS specification using the IDL4OAS extension (see examples here and here). Requests satisfying all inter-parameter dependencies are automatically generated thanks to IDLReasoner.

  3. Test case generation: The abstract test cases are instantiated into a specific programming language or testing framework using a test writer. RESTest currently supports the generation of REST Assured and Postman test cases.

  4. Test case execution: The test cases are executed and a set of reports and stats are generated. Stats are machine-readable, and the test reports can be graphically visualized thanks to Allure.

  5. Feedback collection: Test case generators and other components can react to the test outputs (i.e., the stats generated in the previous step) to create more sophisticated test cases. Examples of this are the stateful data generators (e.g., the BodyGenerator) and the StatsReportManager, both of which generate new test data based on previous API responses.

  1. Home
  2. RESTest Overview
  3. User manual
    1. Inter-parameter dependencies
    2. Test configuration files
    3. Allure Reports
    4. RESTest configuration files
  4. Developer's guide
    1. Test data generators
    2. Test case generators
    3. Test writers
    4. Workflow steps
    5. Conventions and good practices
  5. RESTest Command-Line Interface (CLI)
Clone this wiki locally