Skip to main content

Web Service Testing

This documentation section discusses web service testing-related features and configuration options.

Importing OpenAPI Documents

GUARDARA automatically generates test configurations based on OpenAPI 3 documents either uploaded as files or loading from a URL.

If you implemented your API documentation using multiple files, you must merge them into a single OpenAPI document. Alternatively, if all the documents are accessible from the network, you can provide the URL of the main document, and GUARDARA will automatically download the additional referenced documents.

The Static Analysis phase of the import process analyses the OpenAPI document for errors. You must address errors with fatal severity for GUARDARA to be able to create the test configurations and run tests against your service.

Schema Object Processing Customisation

It happens pretty often that, for example, multiple operations share a single Schema Object that defines the request or response body. However, some operations may not include certain parts of the data in the request or response. By default, GUARDARA processes the entire Schema Object and creates requests by including all parameters or object properties in the configuration. The x-guardara-omit OpenAPI extension allows you to tell GUARDARA to omit specific parts of the Schema Object from the generated test configuration.

As an example, lets have a look at the following OpenAPI document. The example uses the x-guardara-omit extension to tell GUARDARA not to include the User's id in the createUser operation.

openapi: 3.0.0
info:
description: Example
version: "1.0.0"
title: OpenAPI Extension Example
servers:
- url: http://localhost:8080/api/v1
description: Development
paths:
/user:
get:
summary: List all users
operationId: listUsers
responses:
200:
description: List of all users
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/User"
post:
summary: Create a new user
operationId: createUser
requestBody:
description: The user to be created
content:
application/json:
x-guardara-omit: "/schema/properties/id"
schema:
$ref: "#/components/schemas/User"
responses:
201:
description: User successfully created
content:
application/json:
schema:
$ref: "#/components/schemas/User"
components:
schemas:
User:
type: "object"
properties:
id:
type: "integer"
format: "int64"
username:
type: "string"
firstName:
type: "string"
lastName:
type: "string"
email:
type: "string"
password:
type: "string"

Sanity Checks

By default, GUARDARA performs a sanity check at the beginning of each test run to detect issues related to the test configuration or the web service. GUARDARA will provide further information in the Activity Log before the test terminates if an issue is detected. You must address the reported issues to be able to perform an exhaustive test.

Alternatively, you can disable the Sanity Check on the Runtime Options tab of the Project configuration. The option to disable the check is under the Analysis Options section of the screen. Please note that it is highly recommended to keep Sanity Checks enabled for the best results.

Authentication

GUARDARA will ask for credentials during the OpenAPI document importing process if any Operations require authentication. If you wish to change the credentials later, you can do so by editing the Project configuration:

  1. Go to the Test Targets tab of the Project configuration
  2. Select the target using the dropdown menu on the top-right corner of the screen
  3. Expand the Authentication section of the target configuration to update the credentials