How to get request body from from mock-server.org - mockserver

I am planning to use mock server from mock-server.org for a cypress project.
Is there any way to get requests body from the server so I can validate the schema and the content?

Related

Postman: Generating POST request body from GET response

I generate an API and Collection for my app by applying the steps on the following article: The hidden gem: Postman API and Documentation feature.
You may try by using a test endpoint e.g. https://petstore.swagger.io (user:test, pass:abc123).
Here is an example json body that I am trying to generate:
{
"name": "{{$randomLoremSentence}}",
"description": "{{$randomAdjective}}",
"productUuid": "{{productUuid}}",
"address": "{{$randomLoremSentence}}"
}
However, I am looking for a practical way for generating json body for Postman requests. Is there a proper way for this? Or do ı have to build each request manually? I think there must a a smarter way. Any idea?
The JSON response body is not created within POSTMAN, it is generated by the response from a web API HTTP request.
The API method that is executed determines the response.
Once you have determined the response and it's structure, you can then create the request and test script within a POSTMAN Collection.
It is easier to manually test each HTTP request with sample inputs then copy that into an existing Collection, then write the test scripts for each test case, template any input parameters into URL query strings or the
JSON request body with global or collection scoped variables.
After you have determined how to parameterize and template each request (and both the Test Script and Pre-request Script), you will then be able to
implement the test script to create assertions on the JSON response content using BDD expressions.
I recommend looking at the POSTMAN documentation at
https://learning.postman.com/docs/writing-scripts/test-scripts/
https://learning.postman.com/docs/writing-scripts/script-references/test-examples/
as it shows some really good examples on how to create a basic test, then automate it using JavaScript, Chai BDD language and the POSTMAN Collection Runner.
This is based on my experience with POSTMAN. I am not aware of any simple way
to automate request and test script creation from API Swagger definitions as every API method response could have any number of potential responses based on different inputs, so this (I believe) has to be constructed manually by the tester.

Signalr poll request manipulated from POST to GET vulnerability

In my web application i am using signalR. SignalR connection is using the longpolling transport, which is making the POST request to the server and passing parameters in the query string.
Now i scanned my application using the IBM app scan tool. The test manipulated /signalr/poll request's Method from POST to GET and executed the manipulated required on the server. Server responded same in case of both GET and POST verbs for same request. So tool reported this request vulnerable because responses are identical.
So how can i restrict on the signalR HUB server to accept this request only using POST method?
Below is the requets:
Original Request
Manipulated request

Rails acces external API through a get request from another get request(requestception)

I have a rails client-server app that also needs to get some data from an external api with a authentication token. The authentication token is stored on my rails server.
Basically want I want to do is: when a user triggers a get request from my client-side to my server-side, I get some data from my database on the server and I want to get some data from the external api en send both sets of data as a response back to client.
But I'm not sure if it's a good Idea to send a get request from another get request like that.
Is that how this is typically done or is there a better way?
Create an ActiveJob job with the GET request to external API.
Have your client's GET request to trigger the job.
Collect all the data you need and send response back to client

CXF post api fails via jmeter

Trying to automate my test cases using jmeter. I have used cxf for rest apis on my web server. I have an api which actually takes a java object as parameter. On jmeter I have selected the POST method under HTTP-request and sending json data in Body data. The api gets called fine. However the parameter comes null and hence by api fails. I did try changing the parameter to String object, however I get this string as null.
Is this the right way to call apis via jmeter. Or is this failing because I have used cxf on my server.
Any help is appreciated.
Thanks
Most likely you need to add a HTTP Header Manager and configure it to send Content-Type header with the value of application/json
See Testing SOAP/REST Web Services Using JMeter for detailed explanation on JMeter configuration for REST API testing.
Other thing you could try out is using SoapUI tool to send the request to your CXF endpoint and if it succeeds - inspect the request and configure JMeter accordingly. By the way, SoapUI has some limited load testing capabilities, may be it will be enough for your scenario

Caching http responses in iOS

I'm starting an iOS app that consume a Restful API.
I have control over that API and I'm confusing with the caching policies.
To begin, I only need caching a concrete resoruce, but the problem is that resource can change when I insert new record in the database.
Then, how can I tell to the application "Hey! Make the request only if there have been changes and if not, you get the data from the cache!"
I'm using AFNetworking to make requests..
You'll have to make a decision on either server or client side and build your own protocol.
Example:
You could send the server JSON post request which contains the 'version' of the data you have in the app. On the server-side you will increment the version number each time the data gets refreshed. If the version number does not match at server-side, the server will respond with all new data, else the server responds JSON with 'up to date'
EDIT:
If you are looking for an HTTP response saying that the data is not modified. This is done on server side. You'll have to implement this in the server.

Resources