CN116701170A - Interface testing method, device and system - Google Patents
Interface testing method, device and system Download PDFInfo
- Publication number
- CN116701170A CN116701170A CN202310406881.6A CN202310406881A CN116701170A CN 116701170 A CN116701170 A CN 116701170A CN 202310406881 A CN202310406881 A CN 202310406881A CN 116701170 A CN116701170 A CN 116701170A
- Authority
- CN
- China
- Prior art keywords
- test
- interface
- tested
- identity authentication
- service interface
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012360 testing method Methods 0.000 title claims abstract description 216
- 238000000034 method Methods 0.000 claims abstract description 65
- 238000010998 test method Methods 0.000 claims abstract description 36
- 230000008569 process Effects 0.000 claims description 29
- 230000002159 abnormal effect Effects 0.000 claims description 13
- 238000004590 computer program Methods 0.000 claims description 8
- 230000004044 response Effects 0.000 abstract description 7
- 230000005856 abnormality Effects 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 4
- 230000003993 interaction Effects 0.000 description 3
- 230000007246 mechanism Effects 0.000 description 3
- 238000012545 processing Methods 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- 241001178520 Stomatepia mongo Species 0.000 description 1
- 230000006978 adaptation Effects 0.000 description 1
- 238000012550 audit Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004422 calculation algorithm Methods 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000002844 melting Methods 0.000 description 1
- 230000008018 melting Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000002360 preparation method Methods 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 238000004904 shortening Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3688—Test management for test execution, e.g. scheduling of test suites
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3692—Test management for test results analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Abstract
The application discloses an interface testing method, device and system. In the method, a first platform to be tested is obtained in response to a first operation of selecting the first platform to be tested from a plurality of test platforms; responding to a second operation of selecting a first environment to be tested from a plurality of test environments, and obtaining a first environment to be tested corresponding to the first platform to be tested; acquiring temporary identity authentication parameters generated when a service interface is called; comparing the temporary identity authentication parameter with the target identity authentication parameter in the decryption result corresponding to the target information to obtain a comparison result; and if the comparison result indicates that the temporary identity authentication parameter is consistent with the target identity authentication parameter, executing a corresponding preset test method on the service interface. Therefore, interface tests among platform components to be tested under a plurality of test environments are realized, test period and test cost are reduced, meanwhile, identities of a login person and an operator are compared and verified in an interface encryption and decryption mode, and the risk of data leakage is reduced.
Description
Technical Field
The present application relates to the field of interface testing technologies, and in particular, to a method, an apparatus, and a system for testing an interface.
Background
The interface test is mainly used for testing interfaces among components of the system, and generally, after the functions of the system are changed or the interfaces are changed, in order to detect whether data exchange among interaction points in the system is consistent, the interface test is needed.
However, the prior art cannot be suitable for testing interfaces between system components under a plurality of test environments, consumes labor and time, and meanwhile, the confidentiality degree of the interface layer is low, and the identities of a login person and an operator are not compared and verified from the interface layer.
Disclosure of Invention
The application provides an interface testing method, device and system, which can realize interface testing among system components in a plurality of testing environments, thereby reducing the labor cost of testing, shortening the testing period, improving the working efficiency, and simultaneously, comparing and verifying the identities of a login user and an operator in an interface encryption and decryption mode, and reducing the risk of data leakage.
In a first aspect, the present application provides an interface testing method, including:
responding to a first operation of selecting a first platform to be tested from a plurality of test platforms, and obtaining the first platform to be tested, wherein the first platform to be tested comprises a login interface and a service interface;
responding to a second operation of selecting a first environment to be tested from a plurality of test environments, and obtaining a first environment to be tested corresponding to the first platform to be tested, wherein the first environment to be tested comprises a preset test set, and the preset test set indicates to execute a corresponding preset test method on the service interface;
acquiring temporary identity authentication parameters generated when the service interface is called;
comparing the temporary identity authentication parameter with a target identity authentication parameter in a decryption result corresponding to target information, and obtaining a comparison result, wherein the target information is information obtained by encrypting an information set comprising the target identity authentication parameter, and the target identity authentication parameter is a parameter generated when the login interface is called;
and if the comparison result indicates that the temporary identity authentication parameter is consistent with the target identity authentication parameter, executing the corresponding preset test method on the service interface.
Optionally, the obtaining process of the target information includes:
before the temporary identity authentication parameters generated when the business interface is called are obtained, the target identity authentication parameters generated when the login interface is called are obtained;
and encrypting the information set comprising the target identity authentication parameters to obtain the target information.
Optionally, the information set further includes a path parameter corresponding to the service interface.
Optionally, the executing the corresponding preset test method for the service interface includes:
executing a corresponding application script on the service interface;
if the process of executing the corresponding application script on the service interface is abnormal and the retry number does not reach the number threshold, executing the corresponding application script on the service interface again, wherein the retry number is the number of executing the corresponding application script on the service interface;
if the process of executing the corresponding application script on the service interface is abnormal and the retry times reach the time threshold, ending the test on the service interface and obtaining a first test result, wherein the first test result indicates that the test on the service interface fails.
Optionally, the executing the corresponding application script on the service interface includes:
acquiring test service data obtained by calling the service interface;
and obtaining a second test result according to the test service data and target service data corresponding to the service interface, wherein the target service data is reference data corresponding to the service interface.
In a second aspect, the application also provides an interface test system, which comprises a service module, a base module and a test module;
the service module comprises a plurality of test platforms, and the plurality of test platforms comprise a first platform to be tested;
the base module is configured to execute, on the service module, operations of the method provided in the first aspect except for executing the corresponding preset test method on the service interface;
the test module is configured to execute, for the service module, the operation of the corresponding preset test method for the service interface in the method provided in the first aspect.
Optionally, the system further comprises a data module;
the data module is used for obtaining the target service data corresponding to the service interface when obtaining the test service data obtained by calling the service interface.
Optionally, the system further comprises a log module;
the log module is used for generating a log in the process of operating the interface test system, and the log is used for reflecting the operation condition of the interface test system.
In a third aspect, the present application further provides an interface testing device, including:
the first obtaining unit is used for responding to a first operation of selecting a first platform to be tested from a plurality of test platforms to obtain the first platform to be tested, wherein the first platform to be tested comprises a login interface and a service interface;
the second obtaining unit is used for responding to a second operation of selecting a first environment to be tested from a plurality of test environments to obtain the first environment to be tested corresponding to the first platform to be tested, wherein the first environment to be tested comprises a preset test set, and the preset test set indicates to execute a corresponding preset test method on the service interface;
the first acquisition unit is used for acquiring temporary identity authentication parameters generated when the service interface is called;
the second acquisition unit is used for comparing the temporary identity authentication parameter with a target identity authentication parameter in a decryption result corresponding to target information, and acquiring a comparison result, wherein the target information is information obtained by encrypting an information set comprising the target identity authentication parameter, and the target identity authentication parameter is a parameter generated when the login interface is called;
and the judging unit is used for executing the corresponding preset test method on the service interface if the comparison result indicates that the temporary identity authentication parameter is consistent with the target identity authentication parameter.
Optionally, the obtaining process of the target information includes:
before the temporary identity authentication parameters generated when the business interface is called are obtained, the target identity authentication parameters generated when the login interface is called are obtained;
and encrypting the information set comprising the target identity authentication parameters to obtain the target information.
Optionally, the information set further includes a path parameter corresponding to the service interface.
Optionally, the executing the corresponding preset test method for the service interface includes:
executing a corresponding application script on the service interface;
if the process of executing the corresponding application script on the service interface is abnormal and the retry number does not reach the number threshold, executing the corresponding application script on the service interface again, wherein the retry number is the number of executing the corresponding application script on the service interface;
if the process of executing the corresponding application script on the service interface is abnormal and the retry times reach the time threshold, ending the test on the service interface and obtaining a first test result, wherein the first test result indicates that the test on the service interface fails.
Optionally, the executing the corresponding application script on the service interface includes:
acquiring test service data obtained by calling the service interface;
and obtaining a second test result according to the test service data and target service data corresponding to the service interface, wherein the target service data is reference data corresponding to the service interface.
In a fourth aspect, the present application also provides an electronic device, including a processor and a memory:
the memory is used for storing a computer program;
the processor is configured to execute the method provided in the first aspect according to the computer program.
In a fifth aspect, the present application also provides a computer readable storage medium for storing a computer program for performing the method provided in the first aspect above.
From this, the application has the following beneficial effects:
the application provides an interface testing method, which comprises the steps of responding to a first operation of selecting a first platform to be tested from a plurality of testing platforms to obtain the first platform to be tested; responding to a second operation of selecting a first environment to be tested from a plurality of test environments, and obtaining a first environment to be tested corresponding to the first platform to be tested; acquiring temporary identity authentication parameters generated when the service interface is called; comparing the temporary identity authentication parameter with a target identity authentication parameter in a decryption result corresponding to the target information to obtain a comparison result; and if the comparison result indicates that the temporary identity authentication parameter is consistent with the target identity authentication parameter, executing the corresponding preset test method on the service interface. In this way, through the first to-be-tested platform selected from the plurality of test platforms and the first to-be-tested environment selected from the plurality of test environments, the selected first to-be-tested platform is subjected to the preset test method corresponding to the first to-be-tested environment, so that the interface test between the to-be-tested platform components under the plurality of test environments can be realized, the labor cost of the test is reduced, the test period is shortened, and meanwhile, at the interface level, the target identity authentication parameters generated when the login interface is called are encrypted and compared with the temporary identity authentication parameters generated when the corresponding service interface is called, whether an operator and a login user are the same or not is verified, and the risk of data leakage is reduced to a certain extent.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings required for the description of the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments described in the present application, and other drawings may be obtained according to these drawings for those of ordinary skill in the art.
FIG. 1 is a schematic diagram of an interface testing system 100 according to an embodiment of the present application;
FIG. 2 is a flow chart of an interface testing method according to an embodiment of the application;
FIG. 3 is a flowchart illustrating an example of an interface testing method according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of an interface testing device 400 according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of an electronic device 500 according to an embodiment of the present application.
Detailed Description
The plurality of the embodiments of the present application is greater than or equal to two. It should be noted that, in the description of the embodiments of the present application, the terms "first," "second," and the like are used for distinguishing between the descriptions and not necessarily for indicating or implying a relative importance, or alternatively, for indicating or implying a sequential order.
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application. It will be apparent that the described embodiments are only some, but not all, embodiments of the application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
In the prior art, interface testing is mainly used for testing interfaces between components of a system, and in general, after the function of the system is changed or the interfaces are changed, in order to detect whether data exchange between interaction points in the system is consistent, interface testing is required. However, the existing interface test framework cannot be suitable for interface tests among system components under a plurality of test environments, the test efficiency is low, the test period is long, meanwhile, the confidentiality degree of an interface layer is low, the interface layer is easy to steal, if the interface contains some important data, the interface layer does not carry out contrast verification on identities of a login person and an operator, and the risk of data leakage can be caused.
Based on the above, the embodiment of the application provides an interface testing method, in which a first platform to be tested is obtained in response to a first operation of selecting the first platform to be tested from a plurality of testing platforms; responding to a second operation of selecting a first environment to be tested from a plurality of test environments, and obtaining a first environment to be tested corresponding to the first platform to be tested; acquiring temporary identity authentication parameters generated when a service interface is called; comparing the temporary identity authentication parameter with the target identity authentication parameter in the decryption result corresponding to the target information to obtain a comparison result; and if the comparison result indicates that the temporary identity authentication parameter is consistent with the target identity authentication parameter, executing a corresponding preset test method on the service interface. In this way, through the first to-be-tested platform selected from the plurality of test platforms and the first to-be-tested environment selected from the plurality of test environments, the selected first to-be-tested platform is subjected to the preset test method corresponding to the first to-be-tested environment, interface tests among the to-be-tested platform components under the plurality of test environments can be realized, the labor cost of the tests is reduced, the test period is shortened, meanwhile, at the interface level, the target identity authentication parameters generated when the login interface is called are encrypted, and compared with the temporary identity authentication parameters generated when the corresponding service interface is called, whether login information is tampered is judged, so that whether an operator and a login person are identical is verified, and the risk of data leakage is reduced to a certain extent.
In order to facilitate understanding of the specific implementation of the interface testing method and system provided in the embodiments of the present application, the following description will be made with reference to the accompanying drawings.
It should be noted that, the main body implementing the interface testing method may be the interface testing device provided by the embodiment of the present application, and the interface testing device may be carried in an electronic device or a functional module of the electronic device. The electronic device in the embodiment of the present application may be any device capable of implementing the interface testing method in the embodiment of the present application, for example, may be an internet of things (InternetofThings, ioT) device.
Referring to fig. 1, fig. 1 is a schematic structural diagram of an interface test system 100 according to an embodiment of the present application, where the interface test system 100 may include a service module 110, a base module 120, and a test module 130;
the service module 110 includes a plurality of test platforms, and the plurality of test platforms includes a first platform to be tested; the base module 120 is configured to obtain a first platform to be tested in response to a first operation of selecting the first platform to be tested from a plurality of test platforms, where the first platform to be tested includes a login interface and a service interface; responding to a second operation of selecting a first environment to be tested from a plurality of test environments, and obtaining a first environment to be tested corresponding to the first platform to be tested, wherein the first environment to be tested comprises a preset test set which indicates to execute a corresponding preset test method on a service interface; acquiring temporary identity authentication parameters generated when a service interface is called; comparing the temporary identity authentication parameter with a target identity authentication parameter in a decryption result corresponding to target information to obtain a comparison result, wherein the target information is information obtained by encrypting an information set comprising the target identity authentication parameter, and the target identity authentication parameter is a parameter generated when a login interface is called; if the comparison result indicates that the temporary identity authentication parameter is consistent with the target identity authentication parameter, executing a corresponding preset test method on the service interface; the test module 130 is configured to execute a corresponding application script on the service interface; if the process of executing the corresponding application script on the service interface is abnormal and the retry number does not reach the number threshold, executing the corresponding application script on the service interface again, wherein the retry number is the number of executing the corresponding application script on the service interface; if the process of executing the corresponding application script on the service interface is abnormal and the retry times reach the frequency threshold, ending the test on the service interface and obtaining a first test result, wherein the first test result indicates that the test on the service interface fails.
It should be noted that, the interface test system 100 may be built by using a SpringBoot and Rest-Assured framework, and in order to unify processing modes of each Log system and facilitate maintenance of each Log processing system, a Log module in the interface test system 100 provided by the embodiment of the present application includes a simple Log portal (SimpleLoggingFacadeforJava, SLF J), and in a specific implementation process, different Log systems may be used through the SLF4J, where the Log system may be, for example, a Log4J Log system or a Log back Log system. The database in which the target business data is stored may be a relational database management system (RelationalDatabaseManagementSystem, RDBMS) such as Oracle or MySQL, or a database stored based on a distributed file system (DistributedFileSystem, DFS) such as Mongo database (MongoDataBase, mongoDB).
In some implementations, the base module 120 may include a Common (Common) method and a Login (Login) method, which may be, for example, invoking the Login method through a Login interface; the test module 130 may include a retry mechanism set based on the next generation test technique (TestingNextGeneration, testNG), and may also check whether the result of the interface test is consistent with the expectations based on assertion (assertion), where the interface test may include a login interface test or a traffic interface test, without affecting the implementation of the embodiments of the present application.
It should be noted that, by using the Rest-Assured framework of the interface test system 100, a login interface or a service interface may be called, as an example, a tester selects a first platform to be tested and a first environment to be tested, where the first environment to be tested includes a preset test method, if logging in the first platform to be tested is successful, a target identity authentication parameter of the first platform to be tested is obtained, and an information set including the target identity authentication parameter is encrypted to obtain target information, where the encryption method may be encryption of a Message-digest algorithm5 (MD 5), then, a temporary identity authentication parameter generated when calling the service interface is compared with a target identity authentication parameter in a decryption result corresponding to the target information, and a comparison result is obtained, and if the comparison result indicates that the temporary identity authentication parameter is consistent with the target identity authentication parameter, a corresponding preset test method is executed on the service interface. In the specific test process, the encryption process is packaged into an encryption method through a Rest-Assured framework, and the encryption method is called to realize the encryption of the information set.
In other implementations, the interface test system 100 may further include a data module, where the data module is configured to obtain target service data corresponding to the service interface when obtaining test service data obtained by calling the service interface. In other implementations, the interface test system 100 may further include a log module for generating a log during operation of the interface test system 100, the log being used to reflect the operation of the interface test system 100. For example, when the service interface test of the first platform to be tested fails, that is, when a problem occurs in the interface test process, a programmer or a tester may debug and maintain the interface test system 100 by using the error log, specifically, whether the code corresponding to the original function needs to be maintained or the code corresponding to the new function has a problem can be determined according to the log, so as to further determine whether to delay the online first platform to be tested.
Thus, by the method provided by the embodiment of the application, the first to-be-tested platform is selected from the plurality of test platforms, and the first to-be-tested environment is selected from the plurality of test environments, and the preset test method corresponding to the first to-be-tested environment is executed on the selected first to-be-tested platform, so that the interface test between the to-be-tested platform components under the plurality of test environments can be realized, the labor cost of the test is reduced, and the test period is shortened.
Fig. 2 is a flow chart of an interface testing method according to an embodiment of the present application. The method shown in fig. 2 may be applied to an interface test apparatus, which may be, for example, the interface test apparatus 400 shown in fig. 4, or may be a functional module integrated in the electronic device 500 shown in fig. 5.
Referring to fig. 2, in an embodiment of the present application, the method may include the following steps:
s201: and responding to a first operation of selecting a first platform to be tested from the plurality of test platforms, and obtaining the first platform to be tested, wherein the first platform to be tested comprises a login interface and a service interface.
The service interface may be, for example, a query interface, an audit interface, or a new interface.
S202: and responding to a second operation of selecting a first environment to be tested from the plurality of test environments, and obtaining a first environment to be tested corresponding to the first platform to be tested, wherein the first environment to be tested comprises a preset test set which indicates to execute a corresponding preset test method on the service interface.
The preset test set of the first environment to be tested can be applicable to each test platform in the plurality of test platforms, and can also be applicable to part of the test platforms in the plurality of test platforms. As an example, the multiple test platforms include an operation platform, a melting platform, a middle platform and an open platform, the multiple test environments include T1, T2, T3 and T4, and if the tester selects the operation platform as the first platform to be tested, the preset test set in any one of the test environments T1, T2, T3 and T4 can execute the corresponding preset test method for the service interface in the operation platform; if the tester selects the open platform as the first platform to be tested, only the preset test set in the test environment T4 can execute the corresponding preset test method on the service interface in the open platform.
It should be noted that, before step S202, a corresponding preset test method may also be executed on the login interface of the first platform to be tested based on the preset test set of the first environment to be tested. S201 and S202 may be regarded as preparation steps for acquiring the preset test set, and S201 and S202 may be performed sequentially, that is, S201 is performed before S202 is performed, or S202 is performed before S201 is performed; or may be performed simultaneously, that is, S201 and S202 are performed simultaneously, without affecting the implementation of the embodiment of the present application. In some implementations, a first platform to be tested and a first environment to be tested are selected, and database connection information corresponding to the first platform to be tested is obtained, so that corresponding data can be obtained from the database in the process of testing the service interface later.
S203: and acquiring temporary identity authentication parameters generated when the service interface is called.
S204: and comparing the temporary identity authentication parameter with a target identity authentication parameter in a decryption result corresponding to the target information, and obtaining a comparison result, wherein the target information is information obtained by encrypting an information set comprising the target identity authentication parameter, and the target identity authentication parameter is a parameter generated when a login interface is called.
It should be noted that, the process of obtaining the target information may include: before acquiring temporary identity authentication parameters generated when a service interface is called, acquiring target identity authentication parameters generated when a login interface is called; and encrypting the information set comprising the target identity authentication parameters to obtain the target information. The information set may further include a path parameter corresponding to the service interface.
As an example, a tester inputs a test account number and a corresponding password or verification code of a first platform to be tested to call a login interface of the first platform to be tested to send a login request to the first platform to be tested, and if the login is successful, the login interface returns a target identity authentication parameter.
In some implementations, the target authentication parameter includes wk 1 And session 1 Wherein wk is 1 Indicating user information corresponding to a login user (here, a test account number), session 1 Including login status information, the session 1 Indicating the session status of the login user (e.g. indicating the session of the login user if the login time exceeds the expiration time) 1 Failure); the target information is a pair including session 1 And wk 1 Information obtained by encrypting the information set of (a), in particular wk 1 Assignment to parameter x-vcertain 1 And append a uniform resource locator (UniformResourceLocator, URL), such as url, to the call traffic interface path 1 Thereafter wk l For example 1, then url 1 May be api/web/biz/v 1/tent/listx-vcertain 1 =1, the parameter x-vcertain will be appended 1 Url of (a) 1 Encryption to obtain the parameter vrandom 1 That is, the target information is session 1 Encryption value and vrandom 1 Note that, session 1 Can be present in url 1 Header (header) information of (a) a file. When the service interface of the first platform to be tested is subsequently called, the generated temporary identity authentication parameter and the target identity authentication parameter are compared, wherein the temporary identity authentication parameter comprises session 2 And wk 2 Specifically, if session 1 Decryption value and session of encrypted value 2 If the login user is inconsistent with the operator, indicating that the login user and the operator are different, the subsequent step S205 cannot be executed on the service interface of the first platform to be tested; will wk 2 Assignment to parameter x-vcertain 2 ,wk 2 For example 2, then x-vcertain 2 =2,vrandom 1 Decrypting the resulting x-vcertain 1 And x-vcertain 2 And if the login information is inconsistent, indicating that the login user and the operator are different in identity and the risk of tampering exists, the corresponding preset test method cannot be executed on the service interface of the first platform to be tested. In session 1 Decryption value and session of encrypted value 2 Consistent and vrandom 1 Decrypting the resulting x-vcertain 1 And x-vcertain 2 In the case of coincidence, the subsequent step S205 is executed.
In other implementations, the login state is maintained by a token (token), and the target authentication parameters include a token 1 The method comprises the steps of carrying out a first treatment on the surface of the The target information is a target information pair comprising a token 1 Information obtained by encrypting the information set of (1), in particular, token 1 Assigning a value to a parameter access token 1 And append url in calling service interface path 1 After that, token 1 For example a, url 1 May be api/web/biz/v 1/tent/listacess token 1 =a, to which the parameter access_token is added 1 Url of (a) 1 Encryption to obtain the parameter vrandom 1 I.e. the target information is vrandom 1 Note that, token 1 Can exist in the header information of the service interface request for calling the first platform to be tested, and when the service interface of the first platform to be tested is subsequently called, the generated temporary identity authentication parameter and the target identity authentication parameter are compared, wherein the temporary identity authentication parameter comprises a token 2 Specifically, token 2 Assigning a value to a parameter access token 2 ,access_token 2 For example b, then x-vcertain 2 =b,vrandom 1 Decrypting the resulting access token 1 And access_token 2 And if the login information is inconsistent, indicating that the login user and the operator are different in identity and the risk of tampering exists, the corresponding preset test method cannot be executed on the service interface of the first platform to be tested. Access_token obtained by decrypting in vrandom1 1 And access_token 2 In the case of coincidence, step S205 is executed.
Note that, when session 1 Is in failure state or token 1 Expiration, and failure to execute a corresponding preset test method on the service interface of the first platform to be tested, the login information is tampered and can be a pre-encryption parameter (such as token 1 、session 1 Or wk 1 ) Tampered with, or encrypted parameters (e.g. vrandom 1 Or session 1 The encryption value) is tampered, the encryption mode of the embodiment of the application can be the MD5 algorithm encryption mode or other encryption modes, and the realization of the embodiment of the application is not affected.
S205: and if the comparison result indicates that the temporary identity authentication parameter is consistent with the target identity authentication parameter, executing a corresponding preset test method on the service interface.
In some implementations, the preset Test method includes a Test Case (Test Case) script corresponding to each service interface, and in order to reduce a false alarm rate in an interface Test process, the method for executing a corresponding preset Test on a service interface provided by the embodiment of the present application may include: executing a corresponding application script on the service interface; if the process of executing the corresponding application script on the service interface is abnormal and the retry number does not reach the number threshold, executing the corresponding application script on the service interface again, wherein the retry number is the number of executing the corresponding application script on the service interface; if the process of executing the corresponding application script on the service interface is abnormal and the retry times reach the frequency threshold, ending the test on the service interface and obtaining a first test result, wherein the first test result indicates that the test on the service interface fails.
It should be noted that, the preset test method provided by the embodiment of the present application may be designed based on a TestNG framework, and as an example, a tester sets a retry number threshold to three, and if an abnormality occurs in a process of testing a service interface (for example, a problem occurs in the service interface itself or a network problem) and thus results in a test failure, the retry mechanism is executed until the retry number reaches the number threshold, that is, three abnormalities occur in a process of executing a corresponding application scenario on the service interface, where the service interface is considered to have a problem. The frequency threshold can be judged and set according to the usual working experience of a tester, and the implementation of the embodiment of the application is not affected.
In other implementations, to check whether the result of the service interface test is consistent with the expected result, the embodiment of the present application may execute a corresponding application script on the service interface based on the assent implementation, including: acquiring test service data obtained by calling a service interface; and obtaining a second test result according to the test service data and the target service data corresponding to the service interface, wherein the second test result indicates whether the test service data obtained by calling the service interface is accurate or not, and the target service data is reference data corresponding to the calling service interface.
Thus, by the method provided by the embodiment of the application, the automatic integrated test can be realized on the interfaces among the platform components to be tested in a plurality of test environments, the false alarm rate of the interface test execution failure is reduced by monitoring the retry mechanism, the working efficiency is improved, the identity authentication parameters of a login user and an operator are compared and verified in an interface encryption and decryption mode, and the risk of data leakage is reduced.
In order to make the method provided by the embodiment of the present application clearer and easier to understand, a specific example of the method is described below in conjunction with the scenario of fig. 1.
S301: the first platform to be tested is obtained by the base module 120 in response to a first operation of selecting the first platform to be tested from the service module 110.
The first platform to be tested comprises a login interface and a service interface.
S302: the base module 120 is configured to obtain a first environment to be tested corresponding to the first platform to be tested in response to a second operation of selecting the first environment to be tested from the plurality of test environments.
It should be noted that the first environment to be tested includes a preset test set.
S303: the basic module 120 is used for acquiring the target identity authentication parameters generated when the login interface is called, and encrypting the information set comprising the target identity authentication parameters to acquire target information.
S304: the temporary identity authentication parameters generated when the service interface is called are acquired through the base module 120, target identity authentication parameters in decryption results corresponding to the temporary identity authentication parameters and the target information are compared, and comparison results are acquired.
S305: by the base module 120, it is determined whether the comparison result indicates that the temporary identity authentication parameter is consistent with the target identity authentication parameter.
S306: if the comparison result indicates that the temporary identity authentication parameter is consistent with the target identity authentication parameter, executing the corresponding use case script on the service interface through the test module 130.
S307: through the test module 130, it is determined whether an abnormality occurs in the process of executing the corresponding application script on the service interface.
S308: and judging whether the retry times of executing the corresponding application script on the service interface reach a time threshold or not through the test module 130.
S309: if an abnormality occurs in the process of executing the corresponding application script on the service interface and the retry number does not reach the number threshold, returning to step S306 to execute the corresponding application script on the service interface again.
S310: if the process of executing the corresponding application script on the service interface is abnormal and the retry times reach the frequency threshold, ending the test on the service interface and obtaining a first test result, wherein the first test result indicates that the test on the service interface fails.
Therefore, by the method provided by the embodiment of the application, the interface test between the platform components to be tested in a plurality of test environments can be realized, the test period is shortened, the test cost is reduced, meanwhile, the interface is requested in an encryption and decryption mode, the identity authentication parameters of a login user and an operator are compared and verified, and the safety of data interaction between the interfaces is improved.
Referring to fig. 4, an embodiment of the present application further provides an interface testing apparatus 400, including:
a first obtaining unit 401, configured to obtain a first platform to be tested in response to a first operation of selecting the first platform to be tested from a plurality of test platforms, where the first platform to be tested includes a login interface and a service interface;
a second obtaining unit 402, configured to obtain a first environment to be tested corresponding to a first platform to be tested in response to a second operation of selecting the first environment to be tested from a plurality of test environments, where the first environment to be tested includes a preset test set, and the preset test set indicates to execute a corresponding preset test method on the service interface;
a first obtaining unit 403, configured to obtain temporary identity authentication parameters generated when the service interface is invoked;
a second obtaining unit 404, configured to compare the temporary identity authentication parameter with a target identity authentication parameter in a decryption result corresponding to target information, to obtain a comparison result, where the target information is information obtained by encrypting an information set including the target identity authentication parameter, and the target identity authentication parameter is a parameter generated when the login interface is called;
and the judging unit 405 is configured to execute the corresponding preset test method on the service interface if the comparison result indicates that the temporary identity authentication parameter is consistent with the target identity authentication parameter.
Optionally, the obtaining process of the target information includes:
before the temporary identity authentication parameters generated when the business interface is called are obtained, the target identity authentication parameters generated when the login interface is called are obtained;
and encrypting the information set comprising the target identity authentication parameters to obtain the target information.
Optionally, the information set further includes a path parameter corresponding to the service interface.
Optionally, the executing the corresponding preset test method for the service interface includes:
executing a corresponding application script on the service interface;
if the process of executing the corresponding application script on the service interface is abnormal and the retry number does not reach the number threshold, executing the corresponding application script on the service interface again, wherein the retry number is the number of executing the corresponding application script on the service interface;
if the process of executing the corresponding application script on the service interface is abnormal and the retry times reach the time threshold, ending the test on the service interface and obtaining a first test result, wherein the first test result indicates that the test on the service interface fails.
Optionally, the executing the corresponding application script on the service interface includes:
acquiring test service data obtained by calling the service interface;
and obtaining a second test result according to the test service data and target service data corresponding to the service interface, wherein the target service data is reference data corresponding to the service interface.
It should be noted that, the specific implementation manner and the achieved technical effect of the apparatus 400 may be referred to as related descriptions in the method shown in fig. 2 or fig. 3.
In addition, an embodiment of the present application further provides an electronic device 500, as shown in fig. 5, where the electronic device 500 includes a processor 501 and a memory 502:
the memory 502 is used for storing a computer program;
the processor 501 is configured to execute the method provided in fig. 2 or fig. 3 according to the computer program.
In addition, the embodiment of the application also provides a computer readable storage medium for storing a computer program for executing the method provided by the embodiment of the application.
From the above description of embodiments, it will be apparent to those skilled in the art that all or part of the steps of the above described example methods may be implemented in software plus general hardware platforms. Based on such understanding, the technical solution of the present application may be embodied in the form of a software product, which may be stored in a storage medium, such as a read-only memory (ROM)/RAM, a magnetic disk, an optical disk, etc., and includes several instructions for causing a computer device (which may be a personal computer, a server, or a network communication device such as a router) to perform the method according to the embodiments or some parts of the embodiments of the present application.
In this specification, each embodiment is described in a progressive manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. In particular, for the device embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, and reference is made to the description of the method embodiments for relevant points. The apparatus embodiments described above are merely illustrative, in which the modules illustrated as separate components may or may not be physically separate, and the components shown as modules may or may not be physical modules, i.e., may be located in one place, or may be distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the objective of the embodiment. Those of ordinary skill in the art will understand and implement the present application without undue burden.
The foregoing is merely a preferred embodiment of the present application and is not intended to limit the scope of the present application. It should be noted that modifications and adaptations to the present application may occur to one skilled in the art without departing from its scope.
Claims (10)
1. An interface testing method, comprising:
responding to a first operation of selecting a first platform to be tested from a plurality of test platforms, and obtaining the first platform to be tested, wherein the first platform to be tested comprises a login interface and a service interface;
responding to a second operation of selecting a first environment to be tested from a plurality of test environments, and obtaining a first environment to be tested corresponding to the first platform to be tested, wherein the first environment to be tested comprises a preset test set, and the preset test set indicates to execute a corresponding preset test method on the service interface;
acquiring temporary identity authentication parameters generated when the service interface is called;
comparing the temporary identity authentication parameter with a target identity authentication parameter in a decryption result corresponding to target information, and obtaining a comparison result, wherein the target information is information obtained by encrypting an information set comprising the target identity authentication parameter, and the target identity authentication parameter is a parameter generated when the login interface is called;
and if the comparison result indicates that the temporary identity authentication parameter is consistent with the target identity authentication parameter, executing the corresponding preset test method on the service interface.
2. The method of claim 1, wherein the obtaining of the target information comprises:
before the temporary identity authentication parameters generated when the business interface is called are obtained, the target identity authentication parameters generated when the login interface is called are obtained;
and encrypting the information set comprising the target identity authentication parameters to obtain the target information.
3. The method of claim 2, wherein the set of information further comprises path parameters corresponding to the traffic interface.
4. The method of claim 1, wherein the performing the corresponding preset test method on the service interface comprises:
executing a corresponding application script on the service interface;
if the process of executing the corresponding application script on the service interface is abnormal and the retry number does not reach the number threshold, executing the corresponding application script on the service interface again, wherein the retry number is the number of executing the corresponding application script on the service interface;
if the process of executing the corresponding application script on the service interface is abnormal and the retry times reach the time threshold, ending the test on the service interface and obtaining a first test result, wherein the first test result indicates that the test on the service interface fails.
5. The method of claim 4, wherein executing the corresponding application script on the service interface comprises:
acquiring test service data obtained by calling the service interface;
and obtaining a second test result according to the test service data and target service data corresponding to the service interface, wherein the target service data is reference data corresponding to the service interface.
6. An interface test system is characterized by comprising a service module, a base module and a test module;
the service module comprises a plurality of test platforms, and the plurality of test platforms comprise a first platform to be tested;
the base module for performing the method of any of claims 1-3 on the business module;
the test module is configured to perform the method of claim 4 or 5 on the service module.
7. The system of claim 6, further comprising a data module;
the data module is used for obtaining the target service data corresponding to the service interface when obtaining the test service data obtained by calling the service interface.
8. The system of claim 6, further comprising a log module;
the log module is used for generating a log in the process of operating the interface test system, and the log is used for reflecting the operation condition of the interface test system.
9. An interface testing apparatus, comprising:
the first obtaining unit is used for responding to a first operation of selecting a first platform to be tested from a plurality of test platforms to obtain the first platform to be tested, wherein the first platform to be tested comprises a login interface and a service interface;
the second obtaining unit is used for responding to a second operation of selecting a first environment to be tested from a plurality of test environments to obtain the first environment to be tested corresponding to the first platform to be tested, wherein the first environment to be tested comprises a preset test set, and the preset test set indicates to execute a corresponding preset test method on the service interface;
the first acquisition unit is used for acquiring temporary identity authentication parameters generated when the service interface is called;
the second acquisition unit is used for comparing the temporary identity authentication parameter with a target identity authentication parameter in a decryption result corresponding to target information, and acquiring a comparison result, wherein the target information is information obtained by encrypting an information set comprising the target identity authentication parameter, and the target identity authentication parameter is a parameter generated when the login interface is called;
and the judging unit is used for executing the corresponding preset test method on the service interface if the comparison result indicates that the temporary identity authentication parameter is consistent with the target identity authentication parameter.
10. An electronic device, the electronic device comprising a processor and a memory:
the memory is used for storing a computer program;
the processor is configured to perform the method of any of claims 1-5 according to the computer program.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310406881.6A CN116701170A (en) | 2023-04-17 | 2023-04-17 | Interface testing method, device and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310406881.6A CN116701170A (en) | 2023-04-17 | 2023-04-17 | Interface testing method, device and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116701170A true CN116701170A (en) | 2023-09-05 |
Family
ID=87822810
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310406881.6A Pending CN116701170A (en) | 2023-04-17 | 2023-04-17 | Interface testing method, device and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116701170A (en) |
-
2023
- 2023-04-17 CN CN202310406881.6A patent/CN116701170A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109726099B (en) | Application gray level publishing method, device and equipment | |
| CN111327490B (en) | Byzantine fault-tolerant detection method of block chain and related device | |
| CN108400978B (en) | Vulnerability detection method and device, computer equipment and storage medium | |
| Stephanow et al. | Towards continuous security certification of software-as-a-service applications using web application testing techniques | |
| CN110213293A (en) | VPN login method, device, equipment and computer storage medium | |
| CN113934621A (en) | Fuzzy test method, system, electronic device and medium | |
| KR20170133781A (en) | Apparatus and Method for Testing and diagnosing Virtual Infrastructure | |
| CN114579473B (en) | Application testing method, device, equipment and storage medium | |
| CN110990249B (en) | Code scanning result processing method, device, computer equipment and storage medium | |
| CN115328814B (en) | Fault injection method, device, equipment and storage medium based on mirror pair | |
| CN111949548A (en) | Automatic unauthorized penetration testing method and storage device | |
| CN116701170A (en) | Interface testing method, device and system | |
| CN108347333A (en) | A kind of identity identifying method of terminal, device | |
| CN108307246B (en) | Method, storage medium, equipment and system for calculating popularity of live broadcast room | |
| CN113992353B (en) | Login certificate processing method and device, electronic equipment and storage medium | |
| US11921862B2 (en) | Systems and methods for rules-based automated penetration testing to certify release candidates | |
| CN114036042A (en) | Model testing method, device, computer and readable storage medium | |
| CN114328275A (en) | System testing method, device, computer equipment and storage medium | |
| CN116707844A (en) | Behavior tracking method and device based on public account number, electronic equipment and medium | |
| CN114116522A (en) | Swagger-based method for automatically testing interface | |
| CN113868116A (en) | Test dependent data generation method and device, server and storage medium | |
| CN110198249B (en) | Power distribution automation system testing method and system | |
| CN108366040B (en) | Programmable firewall logic code detection method and device and electronic equipment | |
| CN112468356A (en) | Router interface testing method and device, electronic equipment and storage medium | |
| CN111708649B (en) | Attack detection method and system for service application system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |