1
00:00:00,920 --> 00:00:03,060
Okay so hopefully you've been able to

2
00:00:03,060 --> 00:00:05,670
find some 500 errors in the application.

3
00:00:05,670 --> 00:00:08,130
There are these two ways to see that. But

4
00:00:08,130 --> 00:00:09,540
in this video we'll walk through the

5
00:00:09,540 --> 00:00:11,490
solution to the ones that I know of.

6
00:00:11,490 --> 00:00:13,440
Now this service is not very robust, so

7
00:00:13,440 --> 00:00:14,849
it's quite possible that you found

8
00:00:14,849 --> 00:00:16,139
different errors than the one I found,

9
00:00:16,139 --> 00:00:18,420
and if so great work. The whole point of

10
00:00:18,420 --> 00:00:19,740
this exercise is to get you thinking

11
00:00:19,740 --> 00:00:22,470
about how to test APIs, so any issues

12
00:00:22,470 --> 00:00:24,000
that you find are helping you on that

13
00:00:24,000 --> 00:00:26,039
path. Since I know how to do it, I'm gonna

14
00:00:26,039 --> 00:00:28,080
follow a fairly direct path in this

15
00:00:28,080 --> 00:00:29,820
video to showing the issues, but of

16
00:00:29,820 --> 00:00:31,320
course you would have needed to do some

17
00:00:31,320 --> 00:00:32,579
poking around to figure out the

18
00:00:32,579 --> 00:00:33,570
structure and layout of the application.

19
00:00:33,570 --> 00:00:36,840
So you probably didn't follow nearly as

20
00:00:36,840 --> 00:00:39,809
linear a path as I did. So the first way

21
00:00:39,809 --> 00:00:41,730
that we get to a 500 error is by trying

22
00:00:41,730 --> 00:00:43,860
to post to an existing object. So I'll

23
00:00:43,860 --> 00:00:46,350
bring up Postman here. We've got

24
00:00:46,350 --> 00:00:48,870
something set up already so I'll walk

25
00:00:48,870 --> 00:00:50,760
you through the process a little bit of

26
00:00:50,760 --> 00:00:53,010
how we might do this. So let's change

27
00:00:53,010 --> 00:00:56,280
this, let's do a GET on blog posts slash

28
00:00:56,280 --> 00:00:59,969
one. I'll send that request and we get

29
00:00:59,969 --> 00:01:02,699
back the first blog post as we would

30
00:01:02,699 --> 00:01:06,510
expect. Now at this point let's see what

31
00:01:06,510 --> 00:01:09,000
happens if we POST to this already

32
00:01:09,000 --> 00:01:11,729
existing blog post, so let's change the

33
00:01:11,729 --> 00:01:15,530
GET to a POST, and then we'll use this as

34
00:01:15,530 --> 00:01:21,119
our body, and let's just let's change it

35
00:01:21,119 --> 00:01:26,960
to raw JSON, and we'll just send back

36
00:01:26,960 --> 00:01:30,479
what we have. Okay so let's try posting

37
00:01:30,479 --> 00:01:33,720
this and see what happens. So we send

38
00:01:33,720 --> 00:01:35,909
that, and if we scroll down here we see

39
00:01:35,909 --> 00:01:39,600
we get a 404 not found. But let's try one

40
00:01:39,600 --> 00:01:41,880
more thing, let's try posting this

41
00:01:41,880 --> 00:01:44,520
without the explicit reference in the

42
00:01:44,520 --> 00:01:48,450
URL. So we'll change this just to blog

43
00:01:48,450 --> 00:01:51,630
posts, and you can see here we still have

44
00:01:51,630 --> 00:01:54,329
this ID specified. So we're still saying

45
00:01:54,329 --> 00:01:57,689
I want to create ID one, so let's send

46
00:01:57,689 --> 00:01:59,100
this and see what happens.

47
00:01:59,100 --> 00:02:01,890
We'd expect a similar response as before,

48
00:02:01,890 --> 00:02:05,219
but here we got a 500 internal server

49
00:02:05,219 --> 00:02:08,068
error because it in failed when it tried

50
00:02:08,068 --> 00:02:10,860
to insert due to this duplicate ID. So

51
00:02:10,860 --> 00:02:12,690
look at that, there's our first 500 error.

52
00:02:12,690 --> 00:02:13,650
Now

53
00:02:13,650 --> 00:02:15,150
in this case there's a little bit of

54
00:02:15,150 --> 00:02:16,980
debate about exactly what the return

55
00:02:16,980 --> 00:02:19,200
code should be when we try to post to an

56
00:02:19,200 --> 00:02:20,910
existing resource, so let's leave this

57
00:02:20,910 --> 00:02:22,349
one for now let's try to find another

58
00:02:22,349 --> 00:02:25,110
500 error. So we really should not be

59
00:02:25,110 --> 00:02:27,360
specifying the ID in the body here, we

60
00:02:27,360 --> 00:02:29,310
should be letting the server take care

61
00:02:29,310 --> 00:02:34,170
of it. So let's take that out, and let's

62
00:02:34,170 --> 00:02:39,810
look at doing a PUT. And actually let's

63
00:02:39,810 --> 00:02:41,760
switch this, let's look at it just a

64
00:02:41,760 --> 00:02:43,080
whole different part of the application.

65
00:02:43,080 --> 00:02:46,319
So let's change this to avatars instead

66
00:02:46,319 --> 00:02:49,680
of blog posts. So we're gonna look at the

67
00:02:49,680 --> 00:02:51,900
avatars, and let's actually just start

68
00:02:51,900 --> 00:02:53,880
again with a GET so that we can see what

69
00:02:53,880 --> 00:02:55,079
the structure looks like so you can

70
00:02:55,079 --> 00:02:56,910
understand it a bit better. So we'll

71
00:02:56,910 --> 00:02:59,610
change that to a GET, we'll send that and

72
00:02:59,610 --> 00:03:02,910
this is what we get back as the data for

73
00:03:02,910 --> 00:03:05,129
our avatar. And you can see the

74
00:03:05,129 --> 00:03:06,629
information that it has, it's pointing to

75
00:03:06,629 --> 00:03:08,280
various other items in the system that

76
00:03:08,280 --> 00:03:11,819
the avatar is related to. So now let's

77
00:03:11,819 --> 00:03:14,790
change this, and let's try to do a PIU. So

78
00:03:14,790 --> 00:03:17,609
again we'll copy our body, let's change

79
00:03:17,609 --> 00:03:23,130
this to PUT go here, and we will make

80
00:03:23,130 --> 00:03:27,450
this the body of our request. Let's try

81
00:03:27,450 --> 00:03:29,880
to do something interesting, let's see

82
00:03:29,880 --> 00:03:31,530
what happens if we remove one of those

83
00:03:31,530 --> 00:03:34,560
fields. Let's remove the blog post ID,

84
00:03:34,560 --> 00:03:37,920
just delete that, and let's send this

85
00:03:37,920 --> 00:03:40,170
request and see what happens. So we'll

86
00:03:40,170 --> 00:03:43,319
send this request, and we scroll down and

87
00:03:43,319 --> 00:03:46,889
it's okay here. And you can see that it

88
00:03:46,889 --> 00:03:49,230
has automatically set this missing field,

89
00:03:49,230 --> 00:03:52,859
so we didn't have a blog post ID up here

90
00:03:52,859 --> 00:03:55,950
in the body that we sent, but it created

91
00:03:55,950 --> 00:03:58,109
a blog post ID for us. Interestingly

92
00:03:58,109 --> 00:04:00,450
though it has kind of set this to null.

93
00:04:00,450 --> 00:04:02,790
So I wonder what happens if we try to

94
00:04:02,790 --> 00:04:06,180
look at that blog post from here. So

95
00:04:06,180 --> 00:04:08,549
let's go back up to our URL, let's change

96
00:04:08,549 --> 00:04:10,560
it to a GET, let's try to get some

97
00:04:10,560 --> 00:04:11,970
information, and if you remember we have

98
00:04:11,970 --> 00:04:14,250
these parameters available, so let's add

99
00:04:14,250 --> 00:04:17,608
the expand parameter. So we want to

100
00:04:17,608 --> 00:04:19,320
expand out the resources, and let's

101
00:04:19,320 --> 00:04:23,159
expand out that blog posts because we

102
00:04:23,159 --> 00:04:25,260
had that as null here, this blog post

103
00:04:25,260 --> 00:04:27,089
idea, so let's expand that out and see

104
00:04:27,089 --> 00:04:27,459
what happens.

105
00:04:27,459 --> 00:04:31,570
So we'll send that request and we get an

106
00:04:31,570 --> 00:04:33,910
error saying it does not have a parents

107
00:04:33,910 --> 00:04:37,449
blog post. So let's try to embed it

108
00:04:37,449 --> 00:04:41,259
instead, and send that request and it was

109
00:04:41,259 --> 00:04:45,570
okay. It's because we want to expand this,

110
00:04:45,570 --> 00:04:51,430
so let's expand it and it blog post not

111
00:04:51,430 --> 00:04:53,680
blog post is the parameter. And there we

112
00:04:53,680 --> 00:04:55,539
get it, we get our 500 internal server

113
00:04:55,539 --> 00:04:58,300
error. So we cannot read this property to

114
00:04:58,300 --> 00:05:00,039
string of null is the actual error that

115
00:05:00,039 --> 00:05:02,910
we get, but that shows you that there are

116
00:05:02,910 --> 00:05:05,710
various ways of poking around at an API

117
00:05:05,710 --> 00:05:08,470
that can expose issues. And so hopefully

118
00:05:08,470 --> 00:05:09,850
you had some fun doing this on your own.

119
00:05:09,850 --> 00:05:14,169
You can see here how I followed a fairly

120
00:05:14,169 --> 00:05:16,419
linear path, but you probably used much

121
00:05:16,419 --> 00:05:18,610
more trial and error, but hopefully it

122
00:05:18,610 --> 00:05:20,740
was still fun for you and showed you a

123
00:05:20,740 --> 00:05:22,240
taste of how you can go about

124
00:05:22,240 --> 00:05:25,870
approaching testing an API. In the next

125
00:05:25,870 --> 00:05:28,000
section, we're gonna start talking about

126
00:05:28,000 --> 00:05:30,669
how to create automated regression tests,

127
00:05:30,669 --> 00:05:35,669
hope to see you there.