Automation Solution for Network Calls Validation

Requirement

Traditionally all the network calls related testing has been performed manually. A proxy was created for the device/app and then manual verification was done for every parameter for the various calls generated for both HTTP and HTTPs throughout the application. Because there were more than 150 calls, with every call having more than 30 parameters to verify, the manual effort required to validate these calls was quite high and sometimes prone to manual errors.

Thus, there was a need to develop an open-source packet analyser that could automate the validations of any type of network call, supporting both HTTP and HTTPs protocol, and on any type of application (mobile web, app, and desktop based). The focus was on implementing a solution that could easily be integrated with any of the popular automation tools and techniques, and in turn, could be easily used, modified, and maintained per the need, and that additionally supports network throttling and analysis of base64 encoded network calls.

Implementation Approach

Our team at Tavant developed the framework/solution using Browser Mob Proxy (BMP), an open source tool, to achieve automation for network traffic validations. The developed framework consists of the main layers below:

1. Test Case Layer: Test cases are developed using appium/selenium automation tools based on Java.
2. Implementation Layer: This layer consists of the re-usable methods, utilities, appium and selenium/webdriver APIs and the BMP server. The BMP server is available in two flavors: embedded and stand-alone utilities. The embedded version is mainly used for selenium-based desktop web network call validation/automation, whereas the stand-alone version can be used for creating a proxy to be used by any 3^rd party medium/applications like the mobile web and mobile apps. The BMP server creates a proxy to route and captures the traffic from the application to the internet and further export the performance data as a HAR/JSON file. The BMP server uses certificates to be deployed on mobile for capturing SSL-based network calls. Click here to understand how the BMP server works completely. The framework also implements a common object repository to maintain the objects and their types at a single location, which makes test case scripting easy and maintainable.
3. Execution Layer: The framework initiates the test case execution two ways: test rail and command line. The tester needs to provide the platform and application information based on which execution is triggered. Every test case initiates/launches the BMP server for any functional verification, and quits once the generation and analysis are complete for that scenario/network call. This takes cares of the unique call validations generated with different scenarios.
4. Test Data: This is the expected data that needs to be validated for network calls stored primarily in the form of Excel.
5. Reporting: JSON parsers are developed to parse the HAR/JSON files generated using BMP and were compared and validated with the expected/test data. The detailed test results are stored in the Excel sheet and pushed back to the test rail. The framework can be easily integrated with different 3^rd party tools like Jenkins, TestRail, Github, etc., depending on the project requirements. Further, test reports can be easily integrated with the test management tools. It also supports the analysis of encoded calls using base64 decoding techniques.

Tools and Technologies

BMP Server, Appium/Selenium-Webdriver, Jenkins, Maven, TestNG framework, Github, Test Management Tool, etc.

Challenges Faced

The curl command, used for generating the HAR data for network calls, was not providing the data consistently. So, we used some of the options/switches provided by curl and stabilized the network call generation process. We faced issues with generating network calls for mobile-based applications, which got resolved by deploying SSL certificates on mobile devices.

Benefits

1. Reduces the manual effort substantially to test the network calls/traffic routing to the app
2. Provides a common end-to-end solution to analyze all types of network traffic (videos and non-videos) for various applications
3. Integrates easily with any automation tools and technologies
4. Enables reusability of test scripts/methods
5. Saves significant effort in test case creation/update
6. Keeps testers from having to resolve framework level complexities
7. Provides an easily modifiable framework
8. Delivers a solution that is stable, efficient and robust enough to drive the complete end-to-end approach with minimal maintenance
9. Provides a solution that can be supported on any of the test environments and network settings
10. Provides a solution that has active support for various online forums