Design and Build Great Web APIs

Design and Build Great Web APIs

Author: Mike Amundsen

Publisher: Pragmatic Bookshelf

Published: 2020-10-06

Total Pages: 444

ISBN-13: 168050813X

DOWNLOAD EBOOK

APIs are transforming the business world at an increasing pace. Gain the essential skills needed to quickly design, build, and deploy quality web APIs that are robust, reliable, and resilient. Go from initial design through prototyping and implementation to deployment of mission-critical APIs for your organization. Test, secure, and deploy your API with confidence and avoid the "release into production" panic. Tackle just about any API challenge with more than a dozen open-source utilities and common programming patterns you can apply right away. Good API design means starting with the API-First principle - understanding who is using the API and what they want to do with it - and applying basic design skills to match customers' needs while solving business-critical problems. Use the Sketch-Design-Build method to create reliable and scalable web APIs quickly and easily without a lot of risk to the day-to-day business operations. Create clear sequence diagrams, accurate specifications, and machine-readable API descriptions all reviewed, tested, and ready to turn into fully-functional NodeJS code. Create reliable test collections with Postman and implement proper identity and access control security with AuthO-without added cost or risk to the company. Deploy all of this to Heroku using a continuous delivery approach that pushes secure, well-tested code to your public servers ready for use by both internal and external developers. From design to code to test to deployment, unlock hidden business value and release stable and scalable web APIs that meet customer needs and solve important business problems in a consistent and reliable manner.


API Testing and Development with Postman

API Testing and Development with Postman

Author: Dave Westerveld

Publisher: Packt Publishing Ltd

Published: 2021-05-07

Total Pages: 341

ISBN-13: 1800565739

DOWNLOAD EBOOK

Explore the world of APIs and learn how to integrate them with production-ready applications using Postman and the Newman CLI Key FeaturesLearn the tenets of effective API testing and API designGain an in-depth understanding of the various features Postman has to offerKnow when and how to use Postman for creating high-quality APIs for software and web appsBook Description Postman enables the exploration and testing of web APIs, helping testers and developers figure out how an API works. With Postman, you can create effective test automation for any APIs. If you want to put your knowledge of APIs to work quickly, this practical guide to using Postman will help you get started. The book provides a hands-on approach to learning the implementation and associated methodologies that will have you up and running with Postman in no time. Complete with step-by-step explanations of essential concepts, practical examples, and self-assessment questions, this book begins by taking you through the principles of effective API testing. A combination of theory coupled with real-world examples will help you learn how to use Postman to create well-designed, documented, and tested APIs. You'll then be able to try some hands-on projects that will teach you how to add test automation to an already existing API with Postman, and guide you in using Postman to create a well-designed API from scratch. By the end of this book, you'll be able to use Postman to set up and run API tests for any API that you are working with. What you will learnFind out what is involved in effective API testingUse data-driven testing in Postman to create scalable API testsUnderstand what a well-designed API looks likeBecome well-versed with API terminology, including the different types of APIsGet to grips with performing functional and non-functional testing of an APIDiscover how to use industry standards such as OpenAPI and mocking in PostmanWho this book is for The book is for software testing professionals and software developers looking to improve product and API quality through API test automation. You will find this book useful if understand APIs and want to build your skills for creating, testing, and documenting APIs. The book assumes beginner-level knowledge of JavaScript and API development.


RESTful Web APIs

RESTful Web APIs

Author: Leonard Richardson

Publisher: "O'Reilly Media, Inc."

Published: 2013-09-12

Total Pages: 464

ISBN-13: 1449359736

DOWNLOAD EBOOK

The popularity of REST in recent years has led to tremendous growth in almost-RESTful APIs that don’t include many of the architecture’s benefits. With this practical guide, you’ll learn what it takes to design usable REST APIs that evolve over time. By focusing on solutions that cross a variety of domains, this book shows you how to create powerful and secure applications, using the tools designed for the world’s most successful distributed computing system: the World Wide Web. You’ll explore the concepts behind REST, learn different strategies for creating hypermedia-based APIs, and then put everything together with a step-by-step guide to designing a RESTful Web API. Examine API design strategies, including the collection pattern and pure hypermedia Understand how hypermedia ties representations together into a coherent API Discover how XMDP and ALPS profile formats can help you meet the Web API "semantic challenge" Learn close to two-dozen standardized hypermedia data formats Apply best practices for using HTTP in API implementations Create Web APIs with the JSON-LD standard and other the Linked Data approaches Understand the CoAP protocol for using REST in embedded systems


Hacking APIs

Hacking APIs

Author: Corey J. Ball

Publisher: No Starch Press

Published: 2022-07-05

Total Pages: 362

ISBN-13: 1718502451

DOWNLOAD EBOOK

Hacking APIs is a crash course in web API security testing that will prepare you to penetration-test APIs, reap high rewards on bug bounty programs, and make your own APIs more secure. Hacking APIs is a crash course on web API security testing that will prepare you to penetration-test APIs, reap high rewards on bug bounty programs, and make your own APIs more secure. You’ll learn how REST and GraphQL APIs work in the wild and set up a streamlined API testing lab with Burp Suite and Postman. Then you’ll master tools useful for reconnaissance, endpoint analysis, and fuzzing, such as Kiterunner and OWASP Amass. Next, you’ll learn to perform common attacks, like those targeting an API’s authentication mechanisms and the injection vulnerabilities commonly found in web applications. You’ll also learn techniques for bypassing protections against these attacks. In the book’s nine guided labs, which target intentionally vulnerable APIs, you’ll practice: • Enumerating APIs users and endpoints using fuzzing techniques • Using Postman to discover an excessive data exposure vulnerability • Performing a JSON Web Token attack against an API authentication process • Combining multiple API attack techniques to perform a NoSQL injection • Attacking a GraphQL API to uncover a broken object level authorization vulnerability By the end of the book, you’ll be prepared to uncover those high-payout API bugs other hackers aren’t finding and improve the security of applications on the web.


Designing Evolvable Web APIs with ASP.NET

Designing Evolvable Web APIs with ASP.NET

Author: Glenn Block

Publisher: "O'Reilly Media, Inc."

Published: 2014-03-13

Total Pages: 536

ISBN-13: 1449337902

DOWNLOAD EBOOK

Design and build Web APIs for a broad range of clients—including browsers and mobile devices—that can adapt to change over time. This practical, hands-on guide takes you through the theory and tools you need to build evolvable HTTP services with Microsoft’s ASP.NET Web API framework. In the process, you’ll learn how design and implement a real-world Web API. Ideal for experienced .NET developers, this book’s sections on basic Web API theory and design also apply to developers who work with other development stacks such as Java, Ruby, PHP, and Node. Dig into HTTP essentials, as well as API development concepts and styles Learn ASP.NET Web API fundamentals, including the lifecycle of a request as it travels through the framework Design the Issue Tracker API example, exploring topics such as hypermedia support with collection+json Use behavioral-driven development with ASP.NET Web API to implement and enhance the application Explore techniques for building clients that are resilient to change, and make it easy to consume hypermedia APIs Get a comprehensive reference on how ASP.NET Web API works under the hood, including security and testability


Irresistible APIs

Irresistible APIs

Author: Kirsten Hunter

Publisher: Simon and Schuster

Published: 2016-09-16

Total Pages: 367

ISBN-13: 1638353441

DOWNLOAD EBOOK

Summary A Web API is a platform with a web-style interface developers can use to implement functionality. Well-designed APIs feel like a natural extension of the application, rather than just a new interface into the backend database. Designing Web APIs based on use cases allows an organization to develop irresistible APIs, which developers can consume easily and which support the business values of that organization. Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications. About the Technology It takes a village to deliver an irresistible web API. Business stakeholders look for an API that works side-by-side with the main product to enhance the experience for customers. Project managers require easy integration with other products or ways for customers to interact with your system. And, developers need APIs to consistently interoperate with external systems. The trick is getting the whole village together. This book shows you how. About the Book Irresistible APIspresents a process to create APIs that succeed for all members of the team. In it, you'll learn how to capture an application's core business value and extend it with an API that will delight the developers who use it. Thinking about APIs from the business point of view, while also considering the end-user experience, encourages you to explore both sides of the design process and learn some successful biz-to-dev communication patterns. Along the way, you'll start to view your APIs as part of your product's core value instead of just an add-on. What's Inside Design-driven development Developing meaningful use cases API guiding principles How to recognize successful APIs About the Reader Written for all members of an API design team, regardless of technical level. About the Author Kirsten Hunter is an API evangelist who helps developers and business stakeholders understand, design, and deliver amazing APIs. Table of Contents UNDERSTANDING WEB APIs What makes an API irresistible? Working with web APIs API First Web services explained DESIGNING WEB APIs Guiding principles for API design Defining the value for your API Creating your schema model Design-driven development Empowering your developers


Web Services Testing with SoapUI

Web Services Testing with SoapUI

Author: Charitha Kankanamge

Publisher: Packt Publishing Ltd

Published: 2012-10-26

Total Pages: 473

ISBN-13: 1849515670

DOWNLOAD EBOOK

Web Services Testing with soapUI starts with an overview of SOA and web services testing, and gets your hands dirty with a sample project which makes use of open source web service engine, Apache Axis2. All demonstrations and hands-on exercises are based on this sample project. This book is a practical and comprehensive tutorial for easy and efficient web services testing to build high quality service-oriented solutions. This book directly targets software quality assurance professionals, software project managers, and software developers interested in automated or manual testing web services and SOA. Whether you are a seasoned SOA professional or a novice user, with this book you'll learn to effectively use soapUI in testing service-oriented solutions for functional as well as non-functional web services.


Testing Web APIs

Testing Web APIs

Author: Mark Winteringham

Publisher: Simon and Schuster

Published: 2022-12-06

Total Pages: 262

ISBN-13: 1617299537

DOWNLOAD EBOOK

Ensure your web APIs are consistent and bug-free by implementing an automated testing process. In Testing Web APIs you will: Design and implement a web API testing strategy Set up a test automation suite Learn contract testing with Pact Facilitate collaborative discussions to test web API designs Perform exploratory tests Experiment safely in a downloadable API sandbox environment Testing Web APIs teaches you to plan and implement the perfect testing strategy for your web APIs. In it, you’ll explore dozens of different testing activities to help you develop a custom testing regime for your projects. This practical book demystifies abstract strategic concepts by applying them to common API testing scenarios, revealing how these complex ideas work in the real world. You’ll learn to take a risk-driven approach to API testing, and build a strategy that goes beyond the basics of code and requirements coverage. Your whole team will soon be involved in ensuring quality! Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications. About the technology Web APIs are the public face of your application, and they need to be perfect. Implementing an automated testing program is the best way to ensure that your web APIs are production ready. About the book Testing Web APIs is a unique and practical guide, from the initial design of your testing suite through techniques for documentation, implementation, and delivery of consistently excellent APIs. You’ll see a wide range of testing techniques, from exploratory to live testing of production code, and how to save time with automation using industry-standard tools. This book helps take the hassle out of API testing. What's inside Design and implement a web API testing strategy Set up a test automation suite Contract testing with Pact Hands-on practice in the downloadable API sandbox About the reader For dedicated software QA and testers, or experienced developers. Examples in Java. About the author Mark Winteringham is the OpsBoss at Ministry of Testing, where he teaches many aspects of software testing. Table of Contents PART 1 THE VALUE OF WEB API TESTING 1 Why and how we test web APIs 2 Beginning our testing journey 3 Quality and risk PART 2 BEGINNING OUR TEST STRATEGY 4 Testing API designs 5 Exploratory testing APIs 6 Automating web API tests 7 Establishing and implementing a testing strategy PART 3 EXPANDING OUR TEST STRATEGY 8 Advanced web API automation 9 Contract testing 10 Performance testing 11 Security testing 12 Testing in production


Mastering Modern Web Penetration Testing

Mastering Modern Web Penetration Testing

Author: Prakhar Prasad

Publisher: Packt Publishing Ltd

Published: 2016-10-28

Total Pages: 298

ISBN-13: 1785289144

DOWNLOAD EBOOK

Master the art of conducting modern pen testing attacks and techniques on your web application before the hacker does! About This Book This book covers the latest technologies such as Advance XSS, XSRF, SQL Injection, Web API testing, XML attack vectors, OAuth 2.0 Security, and more involved in today's web applications Penetrate and secure your web application using various techniques Get this comprehensive reference guide that provides advanced tricks and tools of the trade for seasoned penetration testers Who This Book Is For This book is for security professionals and penetration testers who want to speed up their modern web application penetrating testing. It will also benefit those at an intermediate level and web developers who need to be aware of the latest application hacking techniques. What You Will Learn Get to know the new and less-publicized techniques such PHP Object Injection and XML-based vectors Work with different security tools to automate most of the redundant tasks See different kinds of newly-designed security headers and how they help to provide security Exploit and detect different kinds of XSS vulnerabilities Protect your web application using filtering mechanisms Understand old school and classic web hacking in depth using SQL Injection, XSS, and CSRF Grasp XML-related vulnerabilities and attack vectors such as XXE and DoS techniques Get to know how to test REST APIs to discover security issues in them In Detail Web penetration testing is a growing, fast-moving, and absolutely critical field in information security. This book executes modern web application attacks and utilises cutting-edge hacking techniques with an enhanced knowledge of web application security. We will cover web hacking techniques so you can explore the attack vectors during penetration tests. The book encompasses the latest technologies such as OAuth 2.0, Web API testing methodologies and XML vectors used by hackers. Some lesser discussed attack vectors such as RPO (relative path overwrite), DOM clobbering, PHP Object Injection and etc. has been covered in this book. We'll explain various old school techniques in depth such as XSS, CSRF, SQL Injection through the ever-dependable SQLMap and reconnaissance. Websites nowadays provide APIs to allow integration with third party applications, thereby exposing a lot of attack surface, we cover testing of these APIs using real-life examples. This pragmatic guide will be a great benefit and will help you prepare fully secure applications. Style and approach This master-level guide covers various techniques serially. It is power-packed with real-world examples that focus more on the practical aspects of implementing the techniques rather going into detailed theory.


Testing Web APIs

Testing Web APIs

Author: Mark Winteringham

Publisher: Simon and Schuster

Published: 2022-12-06

Total Pages: 262

ISBN-13: 1638351538

DOWNLOAD EBOOK

Ensure your web APIs are consistent and bug-free by implementing an automated testing process. In Testing Web APIs you will: Design and implement a web API testing strategy Set up a test automation suite Learn contract testing with Pact Facilitate collaborative discussions to test web API designs Perform exploratory tests Experiment safely in a downloadable API sandbox environment Testing Web APIs teaches you to plan and implement the perfect testing strategy for your web APIs. In it, you’ll explore dozens of different testing activities to help you develop a custom testing regime for your projects. This practical book demystifies abstract strategic concepts by applying them to common API testing scenarios, revealing how these complex ideas work in the real world. You’ll learn to take a risk-driven approach to API testing, and build a strategy that goes beyond the basics of code and requirements coverage. Your whole team will soon be involved in ensuring quality! About the technology Web APIs are the public face of your application, and they need to be perfect. Implementing an automated testing program is the best way to ensure that your web APIs are production ready. About the book Testing Web APIs is a unique and practical guide, from the initial design of your testing suite through techniques for documentation, implementation, and delivery of consistently excellent APIs. You’ll see a wide range of testing techniques, from exploratory to live testing of production code, and how to save time with automation using industry-standard tools. This book helps take the hassle out of API testing. What's inside Design and implement a web API testing strategy Set up a test automation suite Contract testing with Pact Hands-on practice in the downloadable API sandbox About the reader For dedicated software QA and testers, or experienced developers. Examples in Java. About the author Mark Winteringham is the OpsBoss at Ministry of Testing, where he teaches many aspects of software testing. Table of Contents PART 1 THE VALUE OF WEB API TESTING 1 Why and how we test web APIs 2 Beginning our testing journey 3 Quality and risk PART 2 BEGINNING OUR TEST STRATEGY 4 Testing API designs 5 Exploratory testing APIs 6 Automating web API tests 7 Establishing and implementing a testing strategy PART 3 EXPANDING OUR TEST STRATEGY 8 Advanced web API automation 9 Contract testing 10 Performance testing 11 Security testing 12 Testing in production