接口测试 TesterHome 接口测试 WorkShop 上海站

课前准备

待测业务 企业微信

企业微信

  • 服务端api说明文档 https://work.weixin.qq.com/api/doc#90000/90135/90664
  • 开发者调试工具 https://work.weixin.qq.com/api/devtools/devtool.php
  • 企业id wwd6da61649bd66fea
  • 企业通讯录 secret C7uGOrNyxWWzwBsUyWEbLdbZBDrc71PNOhyQ_YYPhts
  • agent id: 1000008
  • agent secret:8M4gp1GknzgQrGxJzFPIA2ngSxnhfij-ecERlID2bGQ
  • 临时token:oQFNVByA0rzxEWIEQN0KSX_zK9DrehfKcKoBlYJp7Y0ifjpEzXb05-M_KAwKaPnOn2Vrp8bVM9QMi8euknX-UokGENRonTQKJmttZx0jbUV2A_zjLOkJYtQUbBa8_O3a56irahnK0ntt1r0P8GTeq7hVOqZ5l_eiFzxfizMc8264k8lsPn_cY26PLp0VWqvp10Lm82isb0ESktBjHK-8jg

基本的用例编写

import io.restassured.http.ContentType;
import org.junit.jupiter.api.Test;

import static io.restassured.RestAssured.given;
import static io.restassured.RestAssured.useRelaxedHTTPSValidation;
import static org.hamcrest.Matchers.containsString;
import static org.junit.jupiter.api.Assertions.assertTrue;

public class DemoTest {
@Test
void getToken(){
given()
.log().all()
.queryParam("corpid", "wwd6da61649bd66fea")
.queryParam("corpsecret", "tnw91tX2vmtZWVxBjT-RYk6r1k5S65TbWQxIuGHsyhU")
.when()
.get("https://qyapi.weixin.qq.com/cgi-bin/gettoken")
.then()
.log().all()
.statusCode(200)
.body(containsString("ok"));
}

@Test
void sendMessage(){
given().log().all()
.proxy(8080)
.queryParam("access_token", "oQFNVByA0rzxEWIEQN0KSX_zK9DrehfKcKoBlYJp7Y0ifjpEzXb05-M_KAwKaPnOn2Vrp8bVM9QMi8euknX-UokGENRonTQKJmttZx0jbUV2A_zjLOkJYtQUbBa8_O3a56irahnK0ntt1r0P8GTeq7hVOqZ5l_eiFzxfizMc8264k8lsPn_cY26PLp0VWqvp10Lm82isb0ESktBjHK-8jg")
.contentType(ContentType.JSON)
.body("{\n" +
" \"touser\" : \"@all\",\n" +
" \"toparty\" : \"\",\n" +
" \"totag\" : \"\",\n" +
" \"msgtype\" : \"text\",\n" +
" \"agentid\" : 1000005,\n" +
" \"text\" : {\n" +
" \"content\" : \"自动化用例:欢迎大家加入TesterHome技术Workshop <a href=\\\"https://testerhome.com\\\">TesterHomne社区论坛</a>\"\n" +
" },\n" +
" \"safe\":0\n" +
"}")
.when().post("https://qyapi.weixin.qq.com/cgi-bin/message/send")
.then().log().all().statusCode(200).body(containsString("ok"));
}
}

编写BurpSuite的扩展

  • burpsuite的扩展机制,可以借助扩展自定义burpsuite的界面,以及分析其中的数据

package com.testerhome.startupapi;

/**
* Created by seveniruby on 2017/3/21.
*/


import org.junit.Test;

import static io.restassured.RestAssured.*;
import static org.hamcrest.Matchers.*;

public class TestRest {
@Test
public void demo() {
useRelaxedHTTPSValidation();
given()
.queryParam("_gid", "GA1.2.1286269070.1555215657")
.queryParam("xq_a_token", "c3ad928c32844dd1159fadf6b740202c98f57e08")
.queryParam("_ga", "GA1.2.968885642.1551424940")
.queryParam("s", "f912bkt3za")
.queryParam("_gat", "1")
.queryParam("xq_r_token", "ad311bab2af18c96dcdf509d59414b94ef1f5d4a")
.queryParam("Hm_lvt_1db88642e346389874251b5a1eded6e3", "1552813643,1553780538,1555215659")
.queryParam("xq_r_token.sig", "ILfaBwMDJJsRbIEHItnGAJQP668")
.queryParam("xq_a_token.sig", "gGiB0IGXSeuhdiVqcjKBnjxWBNE")
.queryParam("Hm_lpvt_1db88642e346389874251b5a1eded6e3", "1555215740")
.queryParam("symbol", "SH000001,SZ399001,SZ399006,HKHSI,HKHSCEI,HKHSCCI,.DJI,.IXIC,.INX")
.queryParam("device_id", "65fa81aa394925ed53b0c6a8432e4a0a")
.queryParam("u", "671555215723754")
.when().log().all().get("https://stock.xueqiu.com:443/v5/stock/batch/quote.json?symbol=SH000001,SZ399001,SZ399006,HKHSI,HKHSCEI,HKHSCCI,.DJI,.IXIC,.INX")
.then().log().all()
.statusCode(200)
;

}
}

从零开始设计自己的代理工具

https://github.com/lightbody/browsermob-proxy

如果觉得我的文章对您有用,请随意打赏。您的支持将鼓励我继续创作!
No Reply at the moment.
需要 Sign In 后方可回复, 如果你还没有账号请点击这里 Sign Up