CN112632527A - API (application programming interface) testing method and system for service open platform - Google Patents

API (application programming interface) testing method and system for service open platform Download PDF

Info

Publication number
CN112632527A
CN112632527A CN202011509272.6A CN202011509272A CN112632527A CN 112632527 A CN112632527 A CN 112632527A CN 202011509272 A CN202011509272 A CN 202011509272A CN 112632527 A CN112632527 A CN 112632527A
Authority
CN
China
Prior art keywords
api
service
sandbox environment
gateway
access
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011509272.6A
Other languages
Chinese (zh)
Other versions
CN112632527B (en
Inventor
白雪珂
袁自强
舒南飞
林文辉
李瑞祥
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Aisino Corp
Original Assignee
Aisino Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Aisino Corp filed Critical Aisino Corp
Priority to CN202011509272.6A priority Critical patent/CN112632527B/en
Publication of CN112632527A publication Critical patent/CN112632527A/en
Application granted granted Critical
Publication of CN112632527B publication Critical patent/CN112632527B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3664Environments for testing or debugging software
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3668Software testing
    • G06F11/3672Test management
    • G06F11/3684Test management for test design, e.g. generating new test cases
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3668Software testing
    • G06F11/3672Test management
    • G06F11/3688Test management for test execution, e.g. scheduling of test suites

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Quality & Reliability (AREA)
  • Software Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses an API test method and system for a service open platform, which comprises the following steps: isolating the production environment gateway from the sandbox environment gateway based on a Kubernetes naming space, determining the minimum resource requirement of the sandbox environment gateway, and realizing the rapid deployment of the sandbox environment gateway service based on a yaml file according to the minimum resource requirement; the publisher synchronizes the API established in the production environment to the sandbox environment through the service open platform; when the publisher tests the API, an anonymous user is created in the sandbox environment gateway, so that the publisher initiates a service calling request by modifying the parameter value by utilizing the anonymous role, and obtains service calling response information to determine an API debugging result; when the caller carries out API test, a temporary user is established in the sandbox environment gateway, so that the calling can initiate a service calling request by modifying the parameter value by using the role of the temporary user, and service calling response information is obtained, so that the caller can determine the API test result.

Description

API (application programming interface) testing method and system for service open platform
Technical Field
The present invention relates to the field of testing technologies, and in particular, to an API testing method and system for a service open platform.
Background
The service open platform is used for concentrating common technologies in the fields of artificial intelligence, big data analysis and the like to operate and maintain efficiently, and sharing the common technologies outside in an API (application programming interface) mode, so that the problems of repeated development of basic capacity, resource waste in research and development, manpower consumption for service operation and maintenance and the like are effectively solved. The service open platform mainly provides full life cycle management and operation data statistical analysis functions of API release, test, authorization, offline and the like for users with two roles of API callers and API developers. The core of the service open platform is an API gateway, and the API gateway is responsible for taking over all API call inlet flows and forwarding user requests to a server at the back end. The API gateway simultaneously provides the functions of authentication, flow limitation, authority control, fusing, protocol conversion, logging, monitoring and the like.
The API test function of the existing service open platform basically adopts the following two schemes: 1) the user can directly input parameters or upload files on the platform interface to make API calls, and authentication (or user-imperceptible) is not performed in the process and the call quantity is not limited. The user can quickly know the API function through the scheme, but the user cannot intuitively know how to transmit the authentication parameters when calling the API because the user is not authenticated. 2) The application can use the distributed authentication information to perform API test on the platform after authorization. The scheme needs complicated API subscription and authorization processes and is not friendly to users.
Therefore, a method for rapidly and easily performing API testing is needed.
Disclosure of Invention
The invention provides an API testing method and system for a service open platform, and aims to solve the problem of how to quickly, simply and conveniently test an API.
In order to solve the above problem, according to an aspect of the present invention, there is provided an API testing method for a service open platform, the method including:
isolating the production environment gateway from the sandbox environment gateway based on a Kubernetes naming space, determining the minimum resource requirement of the sandbox environment gateway, and realizing the rapid deployment of the sandbox environment gateway service based on a yaml file according to the minimum resource requirement;
the publisher synchronizes the API established in the production environment to the sandbox environment through the service open platform;
when a publisher tests an API, an anonymous user is created in a sandbox environment gateway, so that the publisher initiates a service calling request by modifying a parameter value by utilizing the anonymous role, the service calling request is forwarded to a back-end service through the sandbox environment gateway, and service calling response information is obtained, so that the publisher determines an API debugging result according to the response information;
when a caller carries out API test, a temporary user is established in a sandbox environment gateway, API access authority is given to the temporary user, so that calling can initiate a service calling request by modifying a parameter value by using the role of the temporary user, the service calling request is forwarded to a back-end service through the sandbox environment gateway, service calling response information is obtained, and the caller determines an API test result according to the response information.
Preferably, wherein said determining the minimum resource requirement of the sandbox environment gateway comprises:
and determining the number of CPUs, memories and instances of the sandbox environment gateway based on the resource use condition of the production environment, the historical calling statistical data and the maximum concurrency limit of the sandbox environment service calling.
Preferably, the method synchronizes the API that has been created in the production environment to the sandbox environment by:
acquiring an API name, a rear-end address, a front-end access address and an authentication mode from a database, creating target, upstream, service and route required by the API in a sandbox environment gateway based on corresponding API information, and binding a plug-in corresponding to the API authentication mode and an access flow limiting plug-in;
and when the API has a test environment back-end access address, setting the back-end address as the test environment back-end address when synchronizing the API with the sandbox environment.
Preferably, wherein the response information includes: response code information, response delay information, response Header information, and response body information.
Preferably, wherein the method further comprises:
creating a corresponding flow restriction plug-in for the anonymous user;
and creating a corresponding authentication plug-in and a flow limiting plug-in for the temporary user.
Preferably, wherein the method further comprises:
and setting an access address, a parameter value and authentication information of the sandbox environment API corresponding to the service request address, automatically generating a sandbox environment service access sdk in a preset language, and simultaneously changing the service request address into the access address of the production environment API and the authentication information into the authentication information acquired after platform authorization by a caller, so that the production environment API is called by using sdk.
Preferably, wherein the method further comprises:
the sandbox environment gateway imports the access log of the API test function into an elastic search through logstack to monitor the access log in real time, and gives an alarm when the peak access amount or the access flow exceeds the capacity of the sandbox environment gateway, so that an administrator can perform elastic expansion example on the sandbox environment gateway in time.
According to another aspect of the present invention, there is provided an API testing system for a service open platform, the system including:
the sandbox environment gateway building unit is used for isolating the production environment gateway from the sandbox environment gateway based on a Kubernetes naming space, determining the minimum resource requirement of the sandbox environment gateway, and realizing the rapid deployment of the sandbox environment gateway service based on a yaml file according to the minimum resource requirement;
the API synchronization unit is used for enabling the publisher to synchronize the API which is created in the production environment to the sandbox environment through the service open platform;
the API debugging unit is used for creating an anonymous user in the sandbox environment gateway when a publisher tests the API, so that the publisher initiates a service calling request by modifying the parameter value by utilizing the anonymous role, forwards the service calling request to a back-end service through the sandbox environment gateway, and obtains service calling response information so that the publisher determines an API debugging result according to the response information;
and the API testing unit is used for creating a temporary user in the sandbox environment gateway when the caller performs API testing, endowing API access authority to the temporary user, enabling the call to use the temporary user role to initiate a service call request by modifying the parameter value, forwarding the service call request to a back-end service through the sandbox environment gateway, and acquiring service call response information so that the caller can determine an API testing result according to the response information.
Preferably, the determining the minimum resource requirement of the sandbox environment gateway by the sandbox environment gateway building unit includes:
and determining the number of CPUs, memories and instances of the sandbox environment gateway based on the resource use condition of the production environment, the historical calling statistical data and the maximum concurrency limit of the sandbox environment service calling.
Preferably, the API synchronization unit synchronizes an API that has been created in a production environment to a sandbox environment by:
acquiring an API name, a rear-end address, a front-end access address and an authentication mode from a database, creating target, upstream, service and route required by the API in a sandbox environment gateway based on corresponding API information, and binding a plug-in corresponding to the API authentication mode and an access flow limiting plug-in;
and when the API has a test environment back-end access address, setting the back-end address as the test environment back-end address when synchronizing the API with the sandbox environment.
Preferably, wherein the response information includes: response code information, response delay information, response Header information, and response body information.
Preferably, wherein the system further comprises:
the plug-in creating unit is used for creating a corresponding flow limiting plug-in for the anonymous user; and the system is used for creating a corresponding authentication plug-in and a flow limiting plug-in for the temporary user.
Preferably, wherein the system further comprises:
the sandbox environment service sdk automatic generation unit is used for setting an access address, a parameter value and authentication information of the sandbox environment API corresponding to the service request address and automatically generating a sandbox environment service access sdk in a preset language, and meanwhile, a caller changes the service request address into the access address of the production environment API and the authentication information into the authentication information acquired after platform authorization, so that the production environment API is called by sdk.
Preferably, wherein the system further comprises:
and the access log processing unit is used for leading the access log of the API test function into the ElasticSearch through logstack by the sandbox environment gateway so as to monitor the access log in real time, and giving an alarm when the peak access amount or the access flow exceeds the capacity of the sandbox environment gateway, so that an administrator can perform an elastic expansion example on the sandbox environment gateway in time.
The invention provides an API testing method and system for a service open platform, wherein a sandbox environment gateway is isolated through a Kubernetes naming space, API information is synchronized in the sandbox environment gateway, API access control and log management are independently carried out, and sandbox environment deployment is not required for actual back-end service; simultaneously, providing two API test schemes of anonymous user access without authentication and temporary user access with access authority aiming at users with different roles; the scheme of the invention can realize rapid, simple and visual debugging before service release and testing before service call, and ensure the safety and stability of the online service.
Drawings
A more complete understanding of exemplary embodiments of the present invention may be had by reference to the following drawings in which:
FIG. 1 is a flow diagram of an API testing method 100 for an open service platform according to an embodiment of the present invention;
FIG. 2 is an architecture diagram of a sandbox environment gateway according to an embodiment of the present invention;
FIG. 3 is a flow diagram of API debugging according to an embodiment of the present invention;
FIG. 4 is a flow diagram of API testing according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of an API testing system 500 for a service open platform according to an embodiment of the present invention.
Detailed Description
The exemplary embodiments of the present invention will now be described with reference to the accompanying drawings, however, the present invention may be embodied in many different forms and is not limited to the embodiments described herein, which are provided for complete and complete disclosure of the present invention and to fully convey the scope of the present invention to those skilled in the art. The terminology used in the exemplary embodiments illustrated in the accompanying drawings is not intended to be limiting of the invention. In the drawings, the same units/elements are denoted by the same reference numerals.
Unless otherwise defined, terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. Further, it will be understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the relevant art and will not be interpreted in an idealized or overly formal sense.
Fig. 1 is a flowchart of an API testing method 100 for a service open platform according to an embodiment of the present invention. As shown in fig. 1, in the API testing method for a service open platform according to the embodiment of the present invention, a sandbox environment gateway is isolated through a Kubernetes namespace, API information is synchronized at the sandbox environment gateway, access control and log management of an API are independently performed, and deployment of a sandbox environment is not required for actual back-end services; simultaneously, providing two API test schemes of anonymous user access without authentication and temporary user access with access authority aiming at users with different roles; the scheme of the invention can realize rapid, simple and visual debugging before service release and testing before service call, and ensure the safety and stability of the online service. The API testing method 100 for the service open platform provided by the embodiment of the present invention, starting at step 101, isolates the production environment gateway from the sandbox environment gateway in step 101 based on the kubernets namespace, determines the minimum resource requirement of the sandbox environment gateway, and implements rapid deployment of the sandbox environment gateway service based on the yaml file according to the minimum resource requirement.
Preferably, wherein said determining the minimum resource requirement of the sandbox environment gateway comprises:
and determining the number of CPUs, memories and instances of the sandbox environment gateway based on the resource use condition of the production environment, the historical calling statistical data and the maximum concurrency limit of the sandbox environment service calling.
The method is a method for debugging the API opened by the service open platform before release and testing the API before use, which is oriented to users with two roles of API issuers and API callers, and utilizes limited resources to quickly build the sandbox environment gateway, so that the users can conveniently and visually know the API calling mode and the API performance through the sandbox environment gateway.
In the embodiment of the invention, a kubernets namespace is utilized to realize the resource isolation of a production environment (namely an online environment) and a test environment (namely a sandbox environment), the minimum resource requirement of a sandbox environment gateway is determined based on the resource use condition of the production environment, historical calling statistical data and the maximum concurrency limit of sandbox environment service calling, and the rapid deployment of the gateway service of the test environment is realized in a yaml file mode. Specifically, by utilizing Kubernets namespace isolation and adopting a production environment gateway yaml file, only the namespace and the resource configuration are modified so as to quickly pull up the sandbox environment gateway service. Then, physical resource configuration and the number of instances such as a Central Processing Unit (CPU) and a memory of the sandbox environment gateway are set by analyzing log statistical data called by the gateway service of the production environment, resource utilization conditions and maximum concurrency limit called by the gateway service of the sandbox environment. Meanwhile, the invention monitors the resource utilization rate of the sandbox environment gateway in real time and performs elastic expansion and contraction on the deployment of the sandbox environment gateway. The production environment gateway and the sandbox environment gateway independently perform API management, access authority management and access log management.
At step 102, the publisher synchronizes the APIs that have been created in the production environment to the sandbox environment through the service opening platform.
Preferably, the method synchronizes the API that has been created in the production environment to the sandbox environment by:
acquiring an API name, a rear-end address, a front-end access address and an authentication mode from a database, creating target, upstream, service and route required by the API in a sandbox environment gateway based on corresponding API information, and binding a plug-in corresponding to the API authentication mode and an access flow limiting plug-in;
and when the API has a test environment back-end access address, setting the back-end address as the test environment back-end address when synchronizing the API with the sandbox environment.
In an embodiment of the present invention, when synchronizing an API to a sandbox environment, a publisher may synchronize an API that has been created in a production environment to the sandbox environment through a "synchronize to sandbox environment" button set by a service open platform interface. As shown in fig. 2, the system obtains information such as an API name, a back-end address, a front-end access address, an authentication method, and the like from a database, creates a target, an upstream, a service, and a route required by the API in a sandbox environment gateway based on corresponding API information, and binds a plug-in corresponding to the API authentication method and an access traffic restriction plug-in. In addition, if the API has a test environment back-end access address, the publisher may set the back-end address as the test environment back-end address when synchronizing the API with the sandbox environment.
In step 103, when the publisher performs API testing, an anonymous user is created in the sandbox environment gateway, so that the publisher initiates a service call request by modifying the parameter value using the anonymous role, forwards the service call request to the back-end service through the sandbox environment gateway, and obtains service call response information, so that the publisher determines an API debugging result according to the response information.
In step 104, when the caller performs API testing, a temporary user is created in the sandbox environment gateway, and an API access right is given to the temporary user, so that the call can initiate a service call request by modifying a parameter value using the role of the temporary user, the service call request is forwarded to a back-end service through the sandbox environment gateway, and service call response information is obtained, so that the caller determines an API testing result according to the response information.
Preferably, wherein the method further comprises:
creating a corresponding flow restriction plug-in for the anonymous user;
and creating a corresponding authentication plug-in and a flow limiting plug-in for the temporary user.
In the embodiment of the invention, different test schemes are respectively provided for users with two roles of API publisher and caller: 1) the publisher can rapidly detect the service configuration and performance through the anonymous user authentication-free access; 2) and a temporary access authority is created for the caller, the caller does not need to be authorized by a background, and only accesses the caller through the temporary user authority and the authentication information, so that the service calling test is conveniently and visually carried out.
Wherein the publisher conducts API debugging through anonymous users. Specifically, the system creates an anonymous user at the sandbox environment gateway, which can access existing APIs of the sandbox environment gateway without authentication. When the anonymous user is created, a flow limiting plug-in is created for the anonymous user, the access times of the anonymous user to the API are limited, and the abuse and direct production of the anonymous access are avoided. As shown in fig. 3, a publisher may initiate a service request by modifying a required parameter value only through an API debug function interface of the service open platform using an anonymous user role, forward the request to a back-end service through a sandbox environment gateway, and display service call response codes, response delay, response Header, and response body information on the interface. The publisher can confirm whether the API information set through the service open platform is accurate and the performance of the API call through the returned result.
Wherein the caller performs the API test by the temporary user. Specifically, the system creates a temporary user for a caller to be subjected to API testing at a sandbox environment gateway, gives corresponding API access authority to the user, and creates a corresponding authentication plug-in and a corresponding flow limiting plug-in. As shown in fig. 4, the API test function interface of the service open platform displays API call related information, which includes directly obtaining a service request address, a request parameter, authentication information, and the like from the database, where the service request address corresponds to an API access address of the sandbox environment gateway, and the authentication information is access authentication information of the temporary user to the API. And the caller modifies the parameter values, initiates a service calling request, forwards the service calling request to the back-end service through the sandbox environment gateway, and finally displays the returned result on the platform interface.
Preferably, wherein the method further comprises:
and setting an access address, a parameter value and authentication information of the sandbox environment API corresponding to the service request address, automatically generating a sandbox environment service access sdk in a preset language, and simultaneously changing the service request address into the access address of the production environment API and the authentication information into the authentication information acquired after platform authorization by a caller, so that the production environment API is called by using sdk.
Preferably, wherein the method further comprises:
the sandbox environment gateway imports the access log of the API test function into an elastic search through logstack to monitor the access log in real time, and gives an alarm when the peak access amount or the access flow exceeds the capacity of the sandbox environment gateway, so that an administrator can perform elastic expansion example on the sandbox environment gateway in time.
The present invention also enables automatic generation of test sdk. Wherein, an access address, a parameter value and authentication information of the sandbox environment API corresponding to the service request address are set in sdk, wherein the parameter value is a default value set when the API is created, and the authentication information is temporary user authentication information. The caller changes the service request address in the code into the access address of the production environment API, and changes the authentication information into the authentication information acquired after the platform is authorized, so that the production environment API can be called by using sdk.
In the invention, the access log of the API test function is independently managed by the sandbox environment gateway and is imported into the ElasticSearch through logstack. And monitoring the access log in real time, and when the peak access amount or the access flow exceeds the capacity of the sandbox environment gateway, carrying out mail and short message early warning so as to ensure that an administrator can carry out an elastic expansion example on the sandbox environment gateway in time.
The method realizes the on-line and test environment gateway isolation by utilizing a Kubernetes naming space, deploys test environment service by using the yaml file, determines the minimum physical and container resource requirements of the sandbox environment gateway according to the production environment gateway resource use condition and the maximum concurrent access limit of the test environment, and realizes the resource isolation and the rapid deployment of the service by utilizing the limited resources. Through two sets of independent service gateways of the online environment and the testing environment, access control and call log statistics are respectively carried out on service calls of the online environment and the testing environment, flow limitation is carried out on the service calls of the testing environment, and the use of the production environment cannot be influenced by the testing function. According to user requirements, different test schemes are provided for platform users with two roles of a service publisher and a service caller at the same time, the service publisher can access the service created by the service publisher without authentication by using an anonymous user of a service gateway, and interface debugging and performance testing before service publishing are completed conveniently and rapidly; when the service caller carries out API test, complicated service subscription and authorization processes of a service open platform are not needed, the gateway automatically allocates temporary authority, the platform automatically fills in temporary authentication information, and the user can visually and simply carry out service call test. The invention can provide a rapid, simple and visual debugging before service release and testing before service call for the service open platform user, and simultaneously ensures the safety and stability of the online service.
Fig. 5 is a schematic structural diagram of an API testing system 500 for a service open platform according to an embodiment of the present invention. As shown in fig. 5, an API testing system 500 for a service open platform according to an embodiment of the present invention includes: the sandbox environment gateway building unit 501, the API synchronizing unit 502, the API debugging unit 503 and the API testing unit 504.
Preferably, the sandbox environment gateway building unit 501 is configured to isolate the production environment gateway from the sandbox environment gateway based on a kubernets namespace, determine a minimum resource requirement of the sandbox environment gateway, and implement rapid deployment of the sandbox environment gateway service based on a yaml file according to the minimum resource requirement.
Preferably, the sandbox environment gateway building unit 501 determines the minimum resource requirement of the sandbox environment gateway, and includes:
and determining the number of CPUs, memories and instances of the sandbox environment gateway based on the resource use condition of the production environment, the historical calling statistical data and the maximum concurrency limit of the sandbox environment service calling.
Preferably, the API synchronization unit 502 is configured to enable the publisher to synchronize the API that has been created in the production environment to the sandbox environment through the service opening platform.
Preferably, the API synchronization unit 502 synchronizes the API that has been created in the production environment to the sandbox environment by the following method, including:
acquiring an API name, a rear-end address, a front-end access address and an authentication mode from a database, creating target, upstream, service and route required by the API in a sandbox environment gateway based on corresponding API information, and binding a plug-in corresponding to the API authentication mode and an access flow limiting plug-in;
and when the API has a test environment back-end access address, setting the back-end address as the test environment back-end address when synchronizing the API with the sandbox environment.
Preferably, the API debugging unit 503 is configured to create an anonymous user at the sandbox environment gateway when the publisher performs API testing, so that the publisher initiates a service call request by modifying the parameter value using the anonymous role, forwards the service call request to the back-end service through the sandbox environment gateway, and obtains service call response information, so that the publisher determines an API debugging result according to the response information.
Preferably, wherein the response information includes: response code information, response delay information, response Header information, and response body information.
Preferably, the API testing unit 504 is configured to, when a caller performs an API test, create a temporary user in a sandbox environment gateway, and give an API access right to the temporary user, so that a call can initiate a service call request by modifying a parameter value using a role of the temporary user, forward the service call request to a back-end service through the sandbox environment gateway, and obtain service call response information, so that the caller determines an API test result according to the response information.
Preferably, wherein the system further comprises:
the plug-in creating unit is used for creating a corresponding flow limiting plug-in for the anonymous user; and the system is used for creating a corresponding authentication plug-in and a flow limiting plug-in for the temporary user.
Preferably, wherein the system further comprises:
the sandbox environment service sdk automatic generation unit is used for setting an access address, a parameter value and authentication information of the sandbox environment API corresponding to the service request address and automatically generating a sandbox environment service access sdk in a preset language, and meanwhile, a caller changes the service request address into the access address of the production environment API and the authentication information into the authentication information acquired after platform authorization, so that the production environment API is called by sdk.
Preferably, wherein the system further comprises:
and the access log processing unit is used for leading the access log of the API test function into the ElasticSearch through logstack by the sandbox environment gateway so as to monitor the access log in real time, and giving an alarm when the peak access amount or the access flow exceeds the capacity of the sandbox environment gateway, so that an administrator can perform an elastic expansion example on the sandbox environment gateway in time.
The API testing system 500 for the service open platform according to the embodiment of the present invention corresponds to the API testing method 100 for the service open platform according to another embodiment of the present invention, and is not described herein again.
The invention has been described with reference to a few embodiments. However, other embodiments of the invention than the one disclosed above are equally possible within the scope of the invention, as would be apparent to a person skilled in the art from the appended patent claims.
Generally, all terms used in the claims are to be interpreted according to their ordinary meaning in the technical field, unless explicitly defined otherwise herein. All references to "a/an/the [ device, component, etc ]" are to be interpreted openly as referring to at least one instance of said device, component, etc., unless explicitly stated otherwise. The steps of any method disclosed herein do not have to be performed in the exact order disclosed, unless explicitly stated.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Finally, it should be noted that: the above embodiments are only for illustrating the technical solutions of the present invention and not for limiting the same, and although the present invention is described in detail with reference to the above embodiments, those of ordinary skill in the art should understand that: modifications and equivalents may be made to the embodiments of the invention without departing from the spirit and scope of the invention, which is to be covered by the claims.

Claims (14)

1. An API testing method for a service open platform, the method comprising:
isolating the production environment gateway from the sandbox environment gateway based on a Kubernetes naming space, determining the minimum resource requirement of the sandbox environment gateway, and realizing the rapid deployment of the sandbox environment gateway service based on a yaml file according to the minimum resource requirement;
the publisher synchronizes the API established in the production environment to the sandbox environment through the service open platform;
when a publisher tests an API, an anonymous user is created in a sandbox environment gateway, so that the publisher initiates a service calling request by modifying a parameter value by utilizing the anonymous role, the service calling request is forwarded to a back-end service through the sandbox environment gateway, and service calling response information is obtained, so that the publisher determines an API debugging result according to the response information;
when a caller carries out API test, a temporary user is established in a sandbox environment gateway, API access authority is given to the temporary user, so that calling can initiate a service calling request by modifying a parameter value by using the role of the temporary user, the service calling request is forwarded to a back-end service through the sandbox environment gateway, service calling response information is obtained, and the caller determines an API test result according to the response information.
2. The method of claim 1, wherein determining the minimum resource requirement of the sandbox environment gateway comprises:
and determining the number of CPUs, memories and instances of the sandbox environment gateway based on the resource use condition of the production environment, the historical calling statistical data and the maximum concurrency limit of the sandbox environment service calling.
3. The method of claim 1, wherein the method synchronizes APIs that have been created in a production environment to a sandbox environment by:
acquiring an API name, a rear-end address, a front-end access address and an authentication mode from a database, creating target, upstream, service and route required by the API in a sandbox environment gateway based on corresponding API information, and binding a plug-in corresponding to the API authentication mode and an access flow limiting plug-in;
and when the API has a test environment back-end access address, setting the back-end address as the test environment back-end address when synchronizing the API with the sandbox environment.
4. The method of claim 1, wherein the response information comprises: response code information, response delay information, response Header information, and response body information.
5. The method of claim 1, further comprising:
creating a corresponding flow restriction plug-in for the anonymous user;
and creating a corresponding authentication plug-in and a flow limiting plug-in for the temporary user.
6. The method of claim 1, further comprising:
and setting an access address, a parameter value and authentication information of the sandbox environment API corresponding to the service request address, automatically generating a sandbox environment service access sdk in a preset language, and simultaneously changing the service request address into the access address of the production environment API and the authentication information into the authentication information acquired after platform authorization by a caller, so that the production environment API is called by using sdk.
7. The method of claim 1, further comprising:
the sandbox environment gateway imports the access log of the API test function into an elastic search through logstack to monitor the access log in real time, and gives an alarm when the peak access amount or the access flow exceeds the capacity of the sandbox environment gateway, so that an administrator can perform elastic expansion example on the sandbox environment gateway in time.
8. An API testing system for an open platform for services, the system comprising:
the sandbox environment gateway building unit is used for isolating the production environment gateway from the sandbox environment gateway based on a Kubernetes naming space, determining the minimum resource requirement of the sandbox environment gateway, and realizing the rapid deployment of the sandbox environment gateway service based on a yaml file according to the minimum resource requirement;
the API synchronization unit is used for enabling the publisher to synchronize the API which is created in the production environment to the sandbox environment through the service open platform;
the API debugging unit is used for creating an anonymous user in the sandbox environment gateway when a publisher tests the API, so that the publisher initiates a service calling request by modifying the parameter value by utilizing the anonymous role, forwards the service calling request to a back-end service through the sandbox environment gateway, and obtains service calling response information so that the publisher determines an API debugging result according to the response information;
and the API testing unit is used for creating a temporary user in the sandbox environment gateway when the caller performs API testing, endowing API access authority to the temporary user, enabling the call to use the temporary user role to initiate a service call request by modifying the parameter value, forwarding the service call request to a back-end service through the sandbox environment gateway, and acquiring service call response information so that the caller can determine an API testing result according to the response information.
9. The system of claim 8, wherein the sandbox environment gateway building unit determining the minimum resource requirement of the sandbox environment gateway comprises:
and determining the number of CPUs, memories and instances of the sandbox environment gateway based on the resource use condition of the production environment, the historical calling statistical data and the maximum concurrency limit of the sandbox environment service calling.
10. The system of claim 8, wherein the API synchronization unit synchronizes APIs that have been created in the production environment to the sandbox environment by:
acquiring an API name, a rear-end address, a front-end access address and an authentication mode from a database, creating target, upstream, service and route required by the API in a sandbox environment gateway based on corresponding API information, and binding a plug-in corresponding to the API authentication mode and an access flow limiting plug-in;
and when the API has a test environment back-end access address, setting the back-end address as the test environment back-end address when synchronizing the API with the sandbox environment.
11. The system of claim 8, wherein the response information comprises: response code information, response delay information, response Header information, and response body information.
12. The system of claim 8, further comprising:
the plug-in creating unit is used for creating a corresponding flow limiting plug-in for the anonymous user; and the system is used for creating a corresponding authentication plug-in and a flow limiting plug-in for the temporary user.
13. The system of claim 8, further comprising:
the sandbox environment service sdk automatic generation unit is used for setting an access address, a parameter value and authentication information of the sandbox environment API corresponding to the service request address and automatically generating a sandbox environment service access sdk in a preset language, and meanwhile, a caller changes the service request address into the access address of the production environment API and the authentication information into the authentication information acquired after platform authorization, so that the production environment API is called by sdk.
14. The system of claim 8, further comprising:
and the access log processing unit is used for leading the access log of the API test function into the ElasticSearch through logstack by the sandbox environment gateway so as to monitor the access log in real time, and giving an alarm when the peak access amount or the access flow exceeds the capacity of the sandbox environment gateway, so that an administrator can perform an elastic expansion example on the sandbox environment gateway in time.
CN202011509272.6A 2020-12-18 2020-12-18 API test method and system for service open platform Active CN112632527B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011509272.6A CN112632527B (en) 2020-12-18 2020-12-18 API test method and system for service open platform

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011509272.6A CN112632527B (en) 2020-12-18 2020-12-18 API test method and system for service open platform

Publications (2)

Publication Number Publication Date
CN112632527A true CN112632527A (en) 2021-04-09
CN112632527B CN112632527B (en) 2024-03-08

Family

ID=75317825

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011509272.6A Active CN112632527B (en) 2020-12-18 2020-12-18 API test method and system for service open platform

Country Status (1)

Country Link
CN (1) CN112632527B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114257531A (en) * 2021-12-10 2022-03-29 北京金山云网络技术有限公司 Test method and related device for Application Programming Interface (API) gateway
CN114417323A (en) * 2022-01-21 2022-04-29 北京飞书科技有限公司 Data reference method, device, equipment and medium
CN116720179A (en) * 2023-08-07 2023-09-08 深圳市智慧城市科技发展集团有限公司 API interface management method, terminal device and computer readable storage medium

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107967159A (en) * 2017-11-22 2018-04-27 腾讯科技(深圳)有限公司 The method and server of a kind of profileapplied
US20180136931A1 (en) * 2016-11-14 2018-05-17 Ca, Inc. Affinity of microservice containers
CN109062655A (en) * 2018-06-05 2018-12-21 腾讯科技(深圳)有限公司 A kind of containerization cloud platform and server
WO2019184116A1 (en) * 2018-03-30 2019-10-03 平安科技(深圳)有限公司 Method and device for automatically building kubernetes main node, terminal device and computer-readable storage medium
US20200125482A1 (en) * 2018-10-18 2020-04-23 Manhattan Engineering Incorporated Code examples sandbox
CN111124589A (en) * 2018-10-30 2020-05-08 中移(苏州)软件技术有限公司 Service discovery system, method, device and equipment
WO2020112029A1 (en) * 2018-11-30 2020-06-04 Purple Ds Private Ltd. System and method for facilitating participation in a blockchain environment
US10685115B1 (en) * 2017-10-27 2020-06-16 EMC IP Holding Company LLC Method and system for implementing cloud native application threat detection
US10789354B1 (en) * 2019-10-01 2020-09-29 Capital One Services, Llc Computer-based systems configured for detecting and sandboxing external resources and methods of use thereof

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180136931A1 (en) * 2016-11-14 2018-05-17 Ca, Inc. Affinity of microservice containers
US10685115B1 (en) * 2017-10-27 2020-06-16 EMC IP Holding Company LLC Method and system for implementing cloud native application threat detection
CN107967159A (en) * 2017-11-22 2018-04-27 腾讯科技(深圳)有限公司 The method and server of a kind of profileapplied
WO2019184116A1 (en) * 2018-03-30 2019-10-03 平安科技(深圳)有限公司 Method and device for automatically building kubernetes main node, terminal device and computer-readable storage medium
CN109062655A (en) * 2018-06-05 2018-12-21 腾讯科技(深圳)有限公司 A kind of containerization cloud platform and server
US20200125482A1 (en) * 2018-10-18 2020-04-23 Manhattan Engineering Incorporated Code examples sandbox
CN111124589A (en) * 2018-10-30 2020-05-08 中移(苏州)软件技术有限公司 Service discovery system, method, device and equipment
WO2020112029A1 (en) * 2018-11-30 2020-06-04 Purple Ds Private Ltd. System and method for facilitating participation in a blockchain environment
US10789354B1 (en) * 2019-10-01 2020-09-29 Capital One Services, Llc Computer-based systems configured for detecting and sandboxing external resources and methods of use thereof

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
刘渊;乔巍;: "云环境下基于Kubernetes集群系统的容器网络研究与优化", 信息网络安全, no. 03, 10 March 2020 (2020-03-10) *
张琦;: "基于Docker的CaaS管理平台架构研究与设计", 计算机应用与软件, no. 11, 12 November 2018 (2018-11-12) *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114257531A (en) * 2021-12-10 2022-03-29 北京金山云网络技术有限公司 Test method and related device for Application Programming Interface (API) gateway
CN114257531B (en) * 2021-12-10 2024-02-23 北京金山云网络技术有限公司 Test method and related device for application programming interface API gateway
CN114417323A (en) * 2022-01-21 2022-04-29 北京飞书科技有限公司 Data reference method, device, equipment and medium
CN116720179A (en) * 2023-08-07 2023-09-08 深圳市智慧城市科技发展集团有限公司 API interface management method, terminal device and computer readable storage medium
CN116720179B (en) * 2023-08-07 2023-11-03 深圳市智慧城市科技发展集团有限公司 API interface management method, terminal device and computer readable storage medium

Also Published As

Publication number Publication date
CN112632527B (en) 2024-03-08

Similar Documents

Publication Publication Date Title
CN112632527B (en) API test method and system for service open platform
CN108845954B (en) Pressure testing method, system and storage medium
CN104461693B (en) Virtual machine update method and system under a kind of desktop cloud computing environment
AU2016204676A1 (en) Method and system for automated system migration
WO2017114152A1 (en) Service dial testing method, apparatus and system
KR101757149B1 (en) Smart device application autotest method using permission booster
CN103379000B (en) A kind of concurrent testing method and testing service device
CN101471819A (en) Test system, test method, management domain and operation domain
CN110557290A (en) Processing method and device for network acceleration service
CN112910995B (en) Resource allocation method and device based on multi-cloud environment, electronic equipment and medium
CN113010392A (en) Testing method, device, equipment, storage medium and system for big data platform
CN110908708B (en) Code release method, device and system
CN113204599A (en) Equipment monitoring method and device based on Internet of things, monitoring equipment and storage medium
CN106254312A (en) A kind of method and device being realized server attack protection by virtual machine isomery
Benharrat et al. Constraint-based oracles for timed distributed systems
CN115694699A (en) Time delay parameter acquisition method and device, electronic equipment and storage medium
CN111427710A (en) Communication method, device, equipment and storage medium of components in application program
CN114785526B (en) Multi-user multi-batch weight distribution calculation and storage processing system based on block chain
CN116107913A (en) Test control method, device and system of single-node server
CN105634982A (en) Speed measuring server queuing method, speed measuring server and client
CN110795330A (en) Monkey pressure testing method and device
CN116701132A (en) Hot spot information acquisition method and device, electronic equipment and computer storage medium
CN116974881A (en) Application testing method, device, electronic equipment and readable medium
CN111083103A (en) Data sharing exchange method and system
CN113868116A (en) Test dependent data generation method and device, server and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant