Validating Response Headers in RestAssured - Notes By ShariqSP
Validating Response Headers in RestAssured
In this section, we will demonstrate how to validate response headers in RestAssured when handling the given JSON data. Response headers are crucial in verifying that the server's response conforms to expected standards, such as content type, encoding, and other metadata.
Sample JSON Response
{
"name": "TechCorp",
"location": "New York",
"phone": "+1234567890",
"email": "contact@techcorp.com",
"lastUpdated": "2024-11-25T07:17:36.204Z",
"mobileItems": [
{
"brand": "Samsung",
"model": "Galaxy S23 Ultra",
"price": 1199.99,
"currency": "USD",
"specifications": {
"processor": "Snapdragon 8 Gen 2",
"ram": "12GB",
"storage": "256GB",
"rearCamera": "200MP",
"frontCamera": "40MP",
"battery": 5000,
"os": "Android 13"
},
"warranty": {
"coverage": "Manufacturer",
"duration": 2
},
"availability": [
{
"store": "Best Buy",
"stock": 25
},
{
"store": "Amazon",
"stock": 50
}
]
}
]
}
Validating Response Headers
When a server responds to an API request, headers provide metadata about the response. Common headers include:
- Content-Type: Indicates the media type of the response body (e.g.,
application/json). - Content-Length: Indicates the size of the response body in bytes.
- Server: Identifies the software used by the server to handle the request.
- Date: Provides the date and time when the response was generated.
Example Code for Header Assertions
The following example demonstrates how to send a GET request and validate various headers in the response.
import io.restassured.RestAssured;
import static io.restassured.RestAssured.*;
import static org.hamcrest.Matchers.*;
public class HeaderValidationTest {
public static void main(String[] args) {
RestAssured.given()
.get("http://apitesting.shariqsp.com:8080/api/companies")
.then()
.assertThat()
.statusCode(200) // Validate response status code
.header("Content-Type", "application/json") // Validate Content-Type header
.header("Server", containsString("Apache")) // Validate that Server header contains "Apache"
.header("Content-Length", notNullValue()) // Validate that Content-Length header is present
.header("Date", notNullValue()); // Validate that Date header is present
}
}
Explanation of Assertions
- Status Code: Ensures that the server responds with HTTP status code 200 (OK).
- Content-Type Header: Validates that the response's
Content-Typeisapplication/json, indicating the payload is in JSON format. - Server Header: Checks that the
Serverheader contains "Apache," suggesting the server technology used. - Content-Length Header: Ensures that the
Content-Lengthheader is present and not null, which specifies the size of the response body. - Date Header: Validates that the
Dateheader exists in the response, confirming the timestamp of the response.
Why Validate Headers?
Validating response headers ensures:
- Data Integrity: Confirms the payload format and size.
- Server Compliance: Verifies that the server adheres to API specifications.
- Debugging Support: Helps identify server or network issues based on headers like
DateandServer. - Security Checks: Validates headers to ensure no unintended information is exposed.
Conclusion
Validating response headers in RestAssured is a simple yet powerful practice to ensure your API behaves as expected. By asserting key headers, you can verify that your server returns responses with the correct metadata, improving the reliability and robustness of your automated tests.
Validating Response Components in RestAssured
When testing APIs, it is essential to validate various aspects of the response, such as the status code, status line, content type, and specific key-value pairs in the response headers. This ensures that the API behaves as expected and provides the correct metadata alongside the response body.
Response Validation Breakdown
Below, we demonstrate how to validate the following components:
- Content-Type Header: To ensure the correct media type of the response.
- Status Code: To verify the server returned the expected HTTP status.
- Status Line: To validate the full HTTP status line.
- Key-Value Pairs: To check specific headers like
Transfer-Encodingor custom headers.
Example Code for Separate Validations
import io.restassured.RestAssured;
import static io.restassured.RestAssured.*;
import static org.hamcrest.Matchers.*;
public class SeparateValidations {
public static void main(String[] args) {
// Base URL
String baseURL = "http://apitesting.shariqsp.com:8080/api/companies";
// Validate Content-Type Header
given()
.get(baseURL)
.then()
.assertThat()
.header("Content-Type", "application/json");
// Validate Status Code
given()
.get(baseURL)
.then()
.assertThat()
.statusCode(200);
// Validate Status Line
given()
.get(baseURL)
.then()
.assertThat()
.statusLine("HTTP/1.1 200 OK");
// Validate Specific Header Key-Value Pairs
given()
.get(baseURL)
.then()
.assertThat()
.header("Transfer-Encoding", "chunked") // Example: Check if the response is chunked
.header("Server", containsString("Apache")) // Example: Check if server contains "Apache"
.header("Date", notNullValue()); // Ensure the Date header exists
}
}
Explanation of Assertions
- Content-Type: Verifies that the response header specifies
application/json, ensuring the payload format is JSON. - Status Code: Asserts that the response returns a
200HTTP status code, indicating a successful request. - Status Line: Checks the entire HTTP status line to match the expected format, including protocol, status code, and description.
- Key-Value Pairs: Validates specific header values like
Transfer-Encodingbeingchunkedand ensures theDateheader exists.
Why Validate Separately?
Separating validations provides better debugging and clarity:
- Focused Testing: Helps identify which specific aspect (status code, content type, or headers) fails in case of an issue.
- Granularity: Allows targeted fixes for specific API response components without altering others.
- Debugging: Easier to pinpoint issues in headers like
Transfer-Encodingor unexpected content type.
Conclusion
By validating each component of the API response separately, you ensure the robustness and reliability of your API testing strategy. Focused validations help identify issues with precision, improving the overall quality of your automated tests.