I know that Fetch Domain is used for this purpose but I do not know how exactly I can implement it. In Selenium python, I used the following code to enable issuing of requestPaused events.
driver.execute_cdp_cmd("Fetch.enable",{})
driver.get('https://www.example.com')
But I do not know how can I handle requestPaused event (I need to call one fulfillRequest or continueRequest/continueWithAuth). As a result, my program stops working.
I really appreciate it if anyone could provide me an example to help me understand how it works.
Yes, you saw it right.
As per the release notes of Selenium v4.0.0-alpha-3:
* Expose devtools APIs from chromium derived drivers.
* Expose presence of devtools support on a role-based interface
As per the release notes of Selenium v4.0.0.0-alpha-1:
* Basic support for CDP landed via the "DevTools" interface.
So chrome-devtools-protocol is all set to be available with selenium4 which will allow for tools to instrument, inspect, debug and profile Chromium, Chrome and other Blink-based browsers. In the discussion Controlling Chrome Devtools with Selenium Webdriver #AdiOhana mentions of the example usage of a few commands from the Profiler Domain as follows:
driver.getDevTools().createSession();
driver.getDevTools().send(new Command("Profiler.enable", ImmutableMap.of()));
driver.getDevTools().send(new Command("Profiler.start", ImmutableMap.of()));
//register to profiler events
driver.getDevTools().addListener(new Event("Profiler.consoleProfileStarted", ConsoleProfileStarted.class), new Consumer<Object>() {
#Override
public void accept(Object o) {
//do something
}
});
Note: Until the Profiler domain will added to Selenium java client, you will have to supply your Mapper.
Fetch Domain
Fetch Domain will enable clients substitute browser's network layer with client code.
The Fetch Domain methods are as follows:
Fetch.disable: Disables the fetch domain.
Fetch.enable: Enables issuing of requestPaused events. A request will be paused until client calls one of failRequest, fulfillRequest or continueRequest/continueWithAuth.
Fetch.failRequest: Causes the request to fail with specified reason.
Fetch.fulfillRequest: Provides response to the request.
Fetch.continueRequest: Continues the request, optionally modifying some of its parameters.
Fetch.continueWithAuth: Continues a request supplying authChallengeResponse following authRequired event.
Fetch.getResponseBody: Causes the body of the response to be received from the server and returned as a single string. May only be issued for a request that is paused in the Response stage and is mutually exclusive with takeResponseBodyForInterceptionAsStream. Calling other methods that affect the request or disabling fetch domain before body is received results in an undefined behavior.
Fetch.takeResponseBodyAsStream: Returns a handle to the stream representing the response body. The request must be paused in the HeadersReceived stage. Note that after this command the request can't be continued as is -- client either needs to cancel it or to provide the response body. The stream only supports sequential read, IO.read will fail if the position is specified. This method is mutually exclusive with getResponseBody. Calling other methods that affect the request or disabling fetch domain before body is received results in an undefined behavior.
The Fetch Domain events are as follows:
Fetch.requestPaused: Issued when the domain is enabled and the request URL matches the specified filter. The request is paused until the client responds with one of continueRequest, failRequest or fulfillRequest. The stage of the request can be determined by presence of responseErrorReason and responseStatusCode -- the request is at the response stage if either of these fields is present and in the request stage otherwise.
Fetch.authRequired: Issued when the domain is enabled with handleAuthRequests set to true. The request is paused until client responds with continueWithAuth.
References
You can find a couple of revelant discussions in:
Can Selenium WebDriver (java) interact with the Browser's inspect tool element selector?
What is the difference between WebDriver and DevTool protocol
Related
Notice: Trying to get property of non-object in /var/www/maps/api/place/DeletePlace.php on line 42
The error means that the application you're testing tries to read some property from something not being an object.
If the behaviour can be reproduced using a real browser it indicates a bug in your application
If it happens only with JMeter and isn't reproducible with the browser you need to cross check the request JMeter sends using View Results Tree listener and the request the browser sends using "Network" tab of your browser developer tools - the requests must be exactly the same (apart from dynamic parameters which need to be correlated)
The most common mistake when it comes to API testing using JMeter is that people forget to add HTTP Header Manager and configure it to send a valid Content-Type header
I have recorded a login flow of an application and found some URIs like below:
/api/oauth2/initiate GET
/oauth2/authorize GET
/api/v1/oauth2/authorize GET
/api/v1/oauth2/authenticate POST
{"username":"${Username}","password":"${Password}","client_id":"${client_Id}","response_type":"code","redirect_uri":"${scheme}://${host}/api/oauth2/callback","server_id":"${server_Id}"}
When I am hitting above in sequence via JMeter I am getting 200 response. Just like JMeter I tried recording in Postman and it worked same, but instead of JSON it gave response in XML format.
It doesn't generate a access_token, it works via session cookies.
My question is - Do I really have API access or it is just browser record n play? If Yes, Does this mean I can get access to any API, if I am a registered user of that application? For ex: Facebook, YouTube or any startup website.
JMeter works on the protocol level. This means that whatever request you are generating. Say a simple browser request or an API call, you can do that easily.
Now the thing is replicating requests. You don't need to record the requests necessarily using the browser. You need to analyze the few things that are required. Say Postman is generating a request. You specify the things you want to send and you use the API Token there. The same things can be specified there as well. It all depends on how you are understanding the concept of request generation.
You simply need to replicate the samplers and the parameters. And the request headers in postman can be replicated here in the same way.
For each HTTP Request Sampler make sure you add a corresponding child HTTP Header Manager config element.
Headers basically tell the server that what client we are using and in what form data is being sent and then server responds accordingly with the information.
What you're recorded is OAuth2 flow and you won't be able to replay it without correlating the dynamic values.
You can have access to Google API or Facebook Graph API given you have proper access_token but I don't think you should be testing them directly, you should focus on solely your application.
I'm using Nightwatch.js to test a MERN stack application—it makes calls to the Twilio API when it receives a POST request at /sms/outgoing/.
I would rather not send SMS messages every time I run my e2e tests—instead I'd like to stub out the behaviour and, ideally, return the request data, so that I can check my app is submitting the correct info.
I have looked at libraries such as nock and fetch-mock, but neither of these will work with tests that rely on selenium.
Is there a library that can intercept requests made by Selenium Server and provide the stubbing behaviour I'm after?
As you have mentioned nock and fetch-mock, I assume you're using a node server?
If that is the case, you could modify the server to detect an environment variable process.env.MOCK_API and return hard-coded responses to fetch request using fetch-reply-with
Whenever I try to add the following endpoint, "http://ws.cdyne.com/phoneverify/phoneverify.asmx", during the Managed API setup process and press the Test button I get an error on the server. ERROR - APIProviderHostObject Error occurred while connecting to backend : "stackOverflow preventing me from showing this link", reason: Connect to ws.cdyne.com:80 timed out
When I try this exact same process on a machine outside of our proxy it works fine. I have gone into the axis2.xml file and added proxy information and even went as far as installing cntlm and setting the proxy to localhost - same error.
I can browse to the above link just fine on this machine.
My environment is Windows 10.
I assume you talk about clicking the Test button when providing Backend Endpoint in API publisher.
The way that Test button works at the moment (as far as I understand) is that it invokes HTTP HEAD method on the endpoint provided (because according to RFC 2616, "This method is often used for testing hypertext links for validity, accessibility, and recent modification.")
Then it checks response. If response is valid or 405 (method not allowed), then the URL is marked as Valid.
Thus sometimes, if backend is not properly following RFC, you might get otherwise working URLs declared as Invalid during the test because of that improper HEAD response evaluation. Obviously, this is just a check for your convenience and you can ignore the check if you know the endpoint works for the methods and resources you need it to work.
So my advice would be to try ignoring the Test and just finishing setting up and publishing the API.
P.S. I am checking it on WSO2 API Cloud but behavior is identical to downloadable API Manager.
I am trying to use JMeter to test our Web Application. We originally used LoadComplete to test our Web Application, but because LoadComplete is not able to run on a non-GUI mode, we were not able to use the max stat’s from our test server (strain our 8 CPU’s and 8GB’s of RAM). That is why I moving towards JMeter (https://blazemeter.com/blog/5-ways-launch-jmeter-test-without-using-jmeter-gui).
The test includes logging in, choosing a specific app, do a simple task through this app and then end the recording. The HTTP Requests, which are failing are printing Failed Access on their Response Data on the View Results Tree.
I used the HTTP(S) Test Script Recorder to record each HTTP request. My JMeter project is failing on a few different HTTP Requests, which includes oauthtoken Get Request that includes jessionid="item", a GET resourceLastAccessedTime Request, and a couple GET resourceLastAccessedTime Requests. I tried to follow blazementer's guidance for how to use JMeter for Login Authentication, because these requests seem to be involved with the authentication of each user after logging in and the problem I am getting on Response data for each of these requests on the View Results Tree it says Access denied. (https://docs.blazemeter.com/customer/portal/articles/1743663-how-to-use-jmeter-for-login-authentication-).
One of the steps is to "copy and paste" the Parameters from the Post request after you login to these requests. I can add these parameters to these requests right below where it says Send Parameters with the request, but our POST request only has two parameters (the login name and the password). Is there somewhere else to look for these parameters?
I tried a combination of a lot of different attempts, but I am still unsuccessful (meaning: I moved the Regular Expression Extractor to a few different HTTP requests and I moved which HTTP requests to put those parameters and I have not been successful yet).
Do you know of a URL that could be helpful for this?
Don't trust Test Script Recorder! It doesn't follow any logic while recording your requests. It just records requests processed through proxy as they are. In case you use parameters that can't be defined as constants, the best way would be to rewrite the script manually.
Be patient and spend some hours (only once!) to learn how to construct any test scenarios (even complex) manually using Jmeter GUI. It will save you a lot of time for debugging.
It seems like (just a guess) that your test scenario doesn't contain Cookie Manager item. Based on what you wrote above, it seems like after logging to serer (by sending POST with login and password) it sets some cookies by Set-Cookie HTTP header. These cookies should be included in every next request as a prove that you successfully logged in before (the most common logic for simple web applications). So, if you get Access Denied, means you didn't include appropriate cookies in test request. Use Cookie Manager for that.
Feel free to ping me in case you need any assistance.
Jmeter help manual is all you need to know about how each element works.
P.S.: Jmeter also can generate distributed load from multiple slave servers, in GUI and CLI modes both. So, in case you need to stress your server yout, Jmeter is the best choise.
And welcome to Jmeter users family! Good luck.