Postman automated interface testing practice

Background Description

There is a project that uses postman for interface testing. The parameters required for the interface are:

• appid: application identifier;
• sign: request signature, which needs to be calculated using the HMACSHA1 encryption algorithm. The signature string is: {appid}${url}${stamp};
• stamp: This is the timestamp;
• option: business parameter;

The question is how to dynamically build a signature based on the parameters when Postman initiates a request?

In the postman script library, CryptoJS supports encryption of various algorithms, including HMACSHA1 and signature algorithms.

The difficulty is to obtain the path parameter in the URL. When a request is initiated, a path value can be fixed. How to obtain the path value when the automated test needs to be executed?

Creating a GET request

The basic usage of postman is not introduced here. First, create a GET request with various dynamic parameters configured in the URL.

{ {variable name}}: the syntax for postman to reference environment variables;

{ {$guid}}: Postman predefined environment variable used to obtain a GUID value;

Build signatures in pre-request scripts

Pre-request scripts is a javascript execution environment that is executed before the request is sent; just use it as js, but some js libraries do not support it.

The next step is to dynamically obtain the signature

1. Fixed value configured in the appid environment variable;

2. Get the stamp timestamp:

//Get Unix time getUnixTime: function(){ return Math.round(new Date().getTime()/1000);
}

3. The url value can be obtained through request.url and then the path can be parsed:

//Get the path part of the url getUrlRelativePath:function(url){ var arrUrl = url.split("//");
    var start = arrUrl[1].indexOf("/");
    var end=arrUrl[1].indexOf("?");
    var relUrl = arrUrl[1].substring(start,end); //stop is omitted, intercepting all characters from start to the end console.log(relUrl); return relUrl;
}

4. Construct a signature string and encrypt it using the secret key.

The encryption algorithm library provided by Postman may not support all of them, and sometimes you need to exchange signatures with the backend;

var host = pm.environment.get("host"); var text = encodeURIComponent(plain);
pm.sendRequest(host+"/FaceIn/ToHmacsha1?plain="+text+"&secret="+sercret, function (err, response) { var json=response.json(); //The signature contains special characters such as + and needs to be url encoded pm.environment.set("sign",encodeURIComponent(json.result));
});

The signature string is preferably URL-encoded.

Legacy issue: When exchanging signatures from the backend, the string responsejson() is initially returned and cannot be parsed!

5. Use eval to inject the defined variable postmanUtil into the global variable and then call

eval(environment.postmanUtil);postmanUtil.setLsdzSign();

The result is as shown below:

The code is as follows:

var postmanUtil={ //Get Unix time getUnixTime:function(){ return Math.round(new Date().getTime()/1000);
  }, //Get the path part of the url getUrlRelativePath:function(url){ var arrUrl = url.split("//");
    var start = arrUrl[1].indexOf("/");
    var end=arrUrl[1].indexOf("?");
    var relUrl = arrUrl[1].substring(start,end); //stop is omitted, intercepting all characters from start to the end console.log(relUrl); return relUrl;
  }, //Signature setLsdzSign:function(){ var appid=pm.environment.get("appid"); var sercret=pm.environment.get("appsercret"); //Timestamp var time=postmanUtil.getUnixTime();
       pm.environment.set("stamp", time); //Address gets the path part of the current addressvar path= postmanUtil.getUrlRelativePath(request.url); console.log(path); var url=path; var plain=appid+"$"+url.toLowerCase()+"$"+time; var hmac = CryptoJS.HmacSHA1(plain, sercret).toString(CryptoJS.enc.Base64); //Get the signature, CryptoJS.HmacSHA1 cannot meet the signature algorithm and can only be obtained from the backgroundvar host=pm.environment.get("host"); var text=encodeURIComponent(plain);
        pm.sendRequest(host+"/FaceIn/ToHmacsha1?plain="+text+"&secret="+sercret, function (err, response) { var json=response.json(); //The signature contains special characters such as + and needs to be url encoded pm.environment.set("sign",encodeURIComponent(json.result));
        });
  }
}eval(environment.postmanUtil);
postmanUtil.setLsdzSign();

The script is written in the environment variable

Write the above code in Pre-request Script. If it is a single interface, it is still OK. Even if there are many interfaces, just copy one copy.

Trouble will come if the script needs to be modified. You need to go to the Pre-request Script window of each request to modify it. How to solve this problem?

This can be solved by defining postmanUtil in ENVIRONMENT as follows:

In fact, it just puts postmanUtil into the environment variable. Nothing else changes. Just maintain the value in the environment variable and you don't have to change them one by one.

Looking at the pre-request script code, it is much simpler:

Usage of Postman Console

If you don't know whether the environment variables have been successfully obtained, or if you want to view the value of a variable, Postman also provides a very convenient console view. Under the View menu, Show Postman Console can open the following console:

The figure shows the results of console.log(sercret) and sendRequest()

Collection Runner Automated API Testing

Create test cases for the interface

For the result of returning HTML, as long as the test body contains a certain value, it passes

For the returned Json result, as long as the Code is 0, it is passed.

There are common script shortcut operations on the right side of the window. You can generate them by selecting them. It is very convenient.

Select and run automated interface tests

Click Runner in the upper left corner of the homepage to enter, select the previously built interface, select the environment, and click Run xxx interface to run the script test

Test Results

You can see that the result 2 interface successfully returns the scheduled results.

This is the end of this article about the actual practice of Postman automated interface testing. For more relevant Postman automated interface testing content, please search for previous articles on 123WORDPRESS.COM or continue to browse the following related articles. I hope everyone will support 123WORDPRESS.COM in the future!