Automatic verification and anomaly detection in a representational state transfer (REST) application programming interface
First Claim
1. A computer-implemented method for automatically detecting an anomaly in an application programming interface having a plurality of invariants, the method comprising:
- generating a first data transfer request based on a first mapping of a first representational state transfer operation to a first uniform resource locator template and a request payload, the request payload associated with one or more first commands written in a domain specific language that enables the first representational state transfer operation to be expressed using the one or more first commands independently of the request payload'"'"'s syntax or escape characters;
submitting the generated first data transfer request to a server that implements the application programming interface for processing;
receiving a first response from the server based on the submitted first data transfer request; and
automatically testing the received first response based on the one or more first commands in order to verify that the first response satisfies a first invariant in the plurality of invariants of the application programming interface,wherein the generating, the submitting, the receiving, and the testing are performed by one or more computing devices; and
wherein at least one command in the one or more first commands includes one or more variables, the one or more first commands written in the domain specific language include a return command for extracting a value from the first response and storing the value as a global variable, and the global variable may be substituted for the one or more variables in the one or more first commands.
2 Assignments
0 Petitions
Accused Products
Abstract
Methods for automatically detecting an anomaly in an application programming interface (API) having a plurality of invariants is provided. Such an API may conform to a Representational State Transfer (REST) model or style of software architecture. Such methods enable users to build simple test scripts that can be fed into specialized software applications configured to automatically exercise and test the API using the test scripts. Further, such methods allow automatic testing of API functionality regardless of whether or not the expected output value(s) for a given input are specified.
132 Citations
28 Claims
-
1. A computer-implemented method for automatically detecting an anomaly in an application programming interface having a plurality of invariants, the method comprising:
-
generating a first data transfer request based on a first mapping of a first representational state transfer operation to a first uniform resource locator template and a request payload, the request payload associated with one or more first commands written in a domain specific language that enables the first representational state transfer operation to be expressed using the one or more first commands independently of the request payload'"'"'s syntax or escape characters; submitting the generated first data transfer request to a server that implements the application programming interface for processing; receiving a first response from the server based on the submitted first data transfer request; and automatically testing the received first response based on the one or more first commands in order to verify that the first response satisfies a first invariant in the plurality of invariants of the application programming interface, wherein the generating, the submitting, the receiving, and the testing are performed by one or more computing devices; and wherein at least one command in the one or more first commands includes one or more variables, the one or more first commands written in the domain specific language include a return command for extracting a value from the first response and storing the value as a global variable, and the global variable may be substituted for the one or more variables in the one or more first commands. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A computer-implemented method for automatically detecting an anomaly in an application programming interface having a plurality of invariants, the method comprising:
-
generating a first data transfer request based on a first mapping of a first representational state transfer operation to a first uniform resource locator template and a request payload, the first uniform resource locator template comprising one or more variable parameters, the request payload associated with one or more first commands written in a domain specific language that enables the first representational state transfer operation to be expressed using the one or more first commands independently of the request payload'"'"'s syntax or escape characters; submitting the generated first data transfer request to a server that implements the application programming interface for processing; receiving a first response from the server based on the submitted first data transfer request; and automatically testing the received first response based on the one or more first commands in order to verify that the first response satisfies a first invariant in the plurality of invariants of the application programming interface; wherein the generating, the submitting, the receiving, and the testing are performed by one or more computing devices; and wherein the generating further comprises; generating the first data transfer request based on a second mapping between a data transfer method and the first representational state transfer operation; substituting the first representational state transfer operation with the data transfer method based on the third mapping between the data transfer method and the first representational state transfer operation; and substituting the one or more variable parameters of the first uniform resource locator template with one or more corresponding predetermined values based on the first mapping of the first representational state transfer operation to the first uniform resource locator template.
-
-
13. A computer-implemented method for automatically detecting an anomaly in an application programming interface having a plurality of invariants, the method comprising:
-
generating a first data transfer request based on a first mapping of a first representational state transfer operation to a first uniform resource locator template and a request payload, the request payload associated with one or more first commands written in a domain specific language that enables the first representational state transfer operation to be expressed using the one or more first commands independently of the request payload'"'"'s syntax or escape characters; submitting the generated first data transfer request to a server that implements the application programming interface for processing; receiving a first response from the server based on the submitted first data transfer request; and automatically testing the received first response based on the one or more first commands in order to verify that the first response satisfies a first invariant in the plurality of invariants of the application programming interface, wherein the generating, the submitting, the receiving, and the testing are performed by one or more computing devices; and wherein the plurality of invariants includes one or more of data-typing rules, nesting rules, formatting rules, default-value rules, and content-mismatch rules, wherein each of the data-typing rules, the nesting rules, the formatting rules, the default-value rules, and the content-mismatch rules may be based on variables associated with the first uniform resource locator template.
-
-
14. A computer-implemented method for automatically detecting an anomaly in an application programming interface having a plurality of invariants, the method comprising:
-
identifying request constraints associated with a first data transfer request, the identifying including recognizing data type and formatting patterns associated with the first data transfer request; generating the first data transfer request based on a first mapping of a first representational state transfer operation to a first uniform resource locator template and a request payload, the request payload associated with one or more first commands written in a domain specific language that enables the first representational state transfer operation to be expressed using the one or more first commands independently of the request payload'"'"'s syntax or escape characters; submitting the generated first data transfer request to a server that implements the application programming interface for processing; receiving a first response from the server based on the submitted first data transfer request; automatically testing the received first response based on the one or more first commands in order to verify that the first response satisfies a first invariant in the plurality of invariants of the application programming interface; generating a second data transfer request in accordance with the identified request constraints and based on the recognized data type and formatting patterns; and submitting the generated second data transfer request to the server that implements the application programming interface for processing; wherein the generating, the submitting, the receiving, and the testing are performed by one or more computing devices.
-
-
15. A system for automatically detecting an anomaly in an application programming interface having a plurality of invariants, the system comprising:
-
non-transitory memory storing instructions; and a data processing device in communication with the non-transitory memory and executing the instructions to implement; a request generator configured to generate a first data transfer request based on a first mapping of a first representational state transfer operation to a first uniform resource locator template and a request payload, the request payload associated with one or more first commands written in a domain specific language that enables the first representational state transfer operation to be expressed using the one or more first commands independently of the request payload'"'"'s syntax or escape characters, and to submit the generated first data transfer request to a server that implements the application programming interface for processing; and a response manager configured to receive a first response from the server based on the submitted first data transfer request, and to automatically test the received first response based on the one or more first commands in order to verify that the first response satisfies a first invariant in the plurality of invariants of the application programming interface; wherein at least one command in the one or more first commands includes one or more variables, and wherein the one or more first commands written in the domain specific language include a return command for extracting a value from the first response and storing the value as a global variable, wherein the global variable may be substituted for the one or more variables in the one or more first commands. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
-
26. A system for automatically detecting an anomaly in an application programming interface having a plurality of invariants, the system comprising:
-
non-transitory memory storing instructions; and a data processing device in communication with the non-transitory memory and executing the instructions to provide; a request generator configured to generate a first data transfer request based on a first mapping of a first representational state transfer operation to a first uniform resource locator template and a request payload, the request payload associated with one or more first commands written in a domain specific language that enables the first representational state transfer operation to be expressed using the one or more first commands independently of the request payload'"'"'s syntax or escape characters, and to submit the generated first data transfer request to a server that implements the application programming interface for processing; and a response manager configured to receive a first response from the server based on the submitted first data transfer request, and to automatically test the received first response based on the one or more first commands in order to verify that the first response satisfies a first invariant in the plurality of invariants of the application programming interface; wherein the first uniform resource locator template includes one or more variable parameters, wherein the request generator is further configured to generate the first data transfer request based on a third mapping between a data transfer method and the first representational state transfer operation, to substitute the first representational state transfer operation with the data transfer method based on the third mapping between the data transfer method and the first representational state transfer operation, and to substitute the one or more variable parameters of the first uniform resource locator template with one or more corresponding predetermined values based on the first mapping of the first representational state transfer operation to the first uniform resource locator template.
-
-
27. A system for automatically detecting an anomaly in an application programming interface having a plurality of invariants, the system comprising:
-
non-transitory memory storing instructions; and a data processing device in communication with the non-transitory memory and executing the instructions to provide; a request generator configured to generate a first data transfer request based on a first mapping of a first representational state transfer operation to a first uniform resource locator template and a request payload, the request payload associated with one or more first commands written in a domain specific language that enables the first representational state transfer operation to be expressed using the one or more first commands independently of the request payload'"'"'s syntax or escape characters, and to submit the generated first data transfer request to a server that implements the application programming interface for processing; and a response manager configured to receive a first response from the server based on the submitted first data transfer request, and to automatically test the received first response based on the one or more first commands in order to verify that the first response satisfies a first invariant in the plurality of invariants of the application programming interface; wherein the plurality of invariants includes one or more of data-typing rules, nesting rules, formatting rules, default-value rules, and content-mismatch rules, wherein each of the data-typing rules, the nesting rules, the formatting rules, the default value rules, and the content-mismatch rules may be based on variables associated with the first uniform resource locator template.
-
-
28. A system for automatically detecting an anomaly in an application programming interface having a plurality of invariants, the system comprising:
-
non-transitory memory storing instructions; and a data processing device in communication with the non-transitory memory and executing the instructions to provide; a request generator configured to generate a first data transfer request based on a first mapping of a first representational state transfer operation to a first uniform resource locator template and a request payload, the request payload associated with one or more first commands written in a domain specific language that enables the first representational state transfer operation to be expressed using the one or more first commands independently of the request payload'"'"'s syntax or escape characters, and to submit the generated first data transfer request to a server that implements the application programming interface for processing; and a response manager configured to receive a first response from the server based on the submitted first data transfer request, and to automatically test the received first response based on the one or more first commands in order to verify that the first response satisfies a first invariant in the plurality of invariants of the application programming interface; wherein the request generator is further configured to identify request constraints associated with the first data transfer request, to generate a second data transfer request in accordance with the identified request constraints, and to submit the generated second data transfer request to the server that implements the application programming interface for processing; and wherein the request generator is configured to recognize data type and formatting patterns associated with the first data transfer request, and to generate the second data transfer request based on the recognized data type and formatting patterns.
-
Specification