125 Hits in 4.0 sec

Deriving Semantics-Aware Fuzzers from Web API Schemas [article]

Zac Hatfield-Dodds, Dmitry Dygalo
2021 arXiv   pre-print
Our tool, Schemathesis, derives structure- and semantics-aware fuzzers from web API schemas in the OpenAPI or GraphQL formats, using property-based testing tools.  ...  We construct the most comprehensive evaluation of web API fuzzers to date, running eight fuzzers against sixteen real-world open source web services.  ...  Property-based testing Property-based testing (PBT) originated with the Haskell library QuickCheck [6] , which emphasised testing algebraic properties of functions by generating many random inputs to  ... 
arXiv:2112.10328v1 fatcat:4343m6f2vvelfp7qkzamnebw3m

Automated Specification-Based Testing of REST APIs

Ovidiu Baniaș, Diana Florea, Robert Gyalai, Daniel-Ioan Curiac
2021 Sensors  
We use the latest version of OpenAPI 3.x and a wide range of coverage metrics to analyze the functionality and performance of the generated test cases, and non-functional metrics to analyze the performance  ...  We propose a solution that automates the generation of test cases for REST APIs based on their specifications.  ...  Related to the non-functional properties testing of REST API, there is a limited number of approaches developed in this field.  ... 
doi:10.3390/s21165375 pmid:34450820 pmcid:PMC8400446 fatcat:cegqqfhif5fljnb7c34pcywvaa

Example-Driven Web API Specification Discovery [chapter]

Hamza Ed-douibi, Javier Luis Cánovas Izquierdo, Jordi Cabot
2017 Lecture Notes in Computer Science  
In this paper we present an exampledriven discovery process that generates model-based OpenAPI specifications for REST Web APIs by using API call examples.  ...  of API specifications and leveraging on several existing toolsets featuring API documentation generation (e.g., using Swagger UI8) or API monitoring and testing (e.g., using Runscope9).  ...  Acknowledgment This work has been supported by the Spanish government (TIN2016-75944-R project). 31 32 33  ... 
doi:10.1007/978-3-319-61482-3_16 fatcat:bqyoz6jl2faf3luy4ctnbym52u

QuickREST: Property-based Test Generation of OpenAPI-Described RESTful APIs [article]

Stefan Karlsson, Adnan Causevic, Daniel Sundmark
2019 arXiv   pre-print
RESTful APIs are an increasingly common way to expose software systems functionality and it is therefore of high interest to find methods to automatically test and verify such APIs.  ...  This is done by using automatic property-based tests produced from OpenAPI documents that describe the REST API under test.  ...  REST APIs are increasingly commonly described with OpenAPI [5] , which aims to standardize how RESTful APIs are described. Several frameworks for building REST APIs also include OpenAPI support.  ... 
arXiv:1912.09686v1 fatcat:c3tehau25jbdpjy2cm2qqg56ze

RESTful Web Services Development With a Model-Driven Engineering Approach [chapter]

Rafael Corveira da Cruz Gonçalves, Isabel Azevedo
2019 Advances in Computer and Electrical Engineering  
A model-driven approach, materialized in a domain specific language that integrates the OpenAPI specification, an emerging standard for describing REST services, allows developers to use a design first  ...  A RESTful web service implementation requires following the constrains inherent to REST architectural style, which, being a non-trivial task, often leads to solutions that do not fulfill those requirements  ...  EMF REST EMF REST 1 is a framework build on the top of the Eclipse/Java/EMF development stack and it transforms an ecore model into a functional REST API.  ... 
doi:10.4018/978-1-5225-7455-2.ch009 fatcat:2ir2w3darbdgtjw6r2fgczn7uy

FirecREST: RESTful API on Cray XC systems [article]

Felipe A. Cruz, Maxime Martinasso
2019 arXiv   pre-print
This work presents the FirecREST API, a RESTful Web API infrastructure that allows scientific communities to access the various integrated resources and services available from the Cray XC systems at the  ...  As science gateways are becoming an increasingly popular digital interface for scientific communities, it is also becoming increasingly important for High-Performance Computing centers to provide a modern  ...  API Gateway The API gateway provides an interface to publish, maintain, monitor, and secure all the FirecREST API endpoints.  ... 
arXiv:1911.13160v1 fatcat:vyh7gsgqonhwdbnsf36iuw57x4

Adaptation measures of COBWEB quality assurance service for the LandSense Citizen Observatory

Sam Meek, Matthew Knight, Theo Brown
2019 Zenodo  
The COBWEB project attempted to design and develop a set of quality assurance processes based upon those described in ISO19157 and the flexible framework for quality assuring crowdsourced data explored  ...  This document outlines the LandSense QA services, provides rationale for the changes made to the COBWEB platform, lists algorithmic tests implemented from ISO 19157 and outlines the work done using Artificial  ...  Resizing An evaluation of the dataset revealed that the majority of the photographs showed the crops occupying approximately 75% of the image, with the sky/horizon accounting for the remainder.  ... 
doi:10.5281/zenodo.4452818 fatcat:b6x45hfusjekldbiywqaigejeq

Extending INSPIRE to the Internet of Things through SensorThings API

Alexander Kotsev, Katharina Schleidt, Steve Liang, Hylke van der Schaaf, Tania Khalafbeigi, Sylvain Grellet, Michael Lutz, Simon Jirka, Mickaël Beaufils
2018 Geosciences  
Some of the recurring technical requirements raised by SDI stakeholders include: (i) the need for adoption of RESTful architectures; together with (ii) alternative (to GML) data encodings, such as JavaScript  ...  Object Notation (JSON) and binary exchange formats; and (iii) adoption of asynchronous publish-subscribe-based messaging protocols.  ...  RESTful Interface The SensorThings rest API is loosely based on the OData API [22] .  ... 
doi:10.3390/geosciences8060221 fatcat:hgo4eubvdnahvbylwhwutfl6q4

Lynx D1.4 Setup and implementation of the basic platform

Filippo Maganza, Kennedy Junior Anagbo
2019 Zenodo  
report") that the Lynx platform addresses; the framework adapts very well to meeting the realisation of these requirements.  ...  The choice of the Spring Framework is motivated by the requirements (D1.1 "Functional requirements analysis report", D1.2 "Technical requirements analysis report", and D4.1 "Pilots requirements analysis  ...  or user • Updating an existing application or user • Deleting an existing client application or user The full OpenAPI 3 specification of the RESTful APIs of the OAuth service are published and accessible  ... 
doi:10.5281/zenodo.3236426 fatcat:kecjemoni5d7fjsv35vntelmpm

Harvesting Production GraphQL Queries to Detect Schema Faults [article]

Louise Zetterlund, Deepika Tiwari, Martin Monperrus, Benoit Baudry
2021 arXiv   pre-print
The generated tests cover 26.9% of the Saleor schema, including parts of the API not exercised by the original test suite, as well as 48.7% of the Frontapp schema, detecting 8 schema faults, thanks to  ...  GraphQL is a new paradigm to design web APIs. Despite its growing popularity, there are few techniques to verify the implementation of a GraphQL API.  ...  Schema faults are the focus of testing techniques for other systems specified using schemas, such as databases [10] , [11] , or OpenAPI REST APIs [12] - [14] .  ... 
arXiv:2112.08267v2 fatcat:tfwgipvqy5e4xmorikz523w5dy


Maria Angeles Sanguino, Jorge Montero, Ana Luiza Pontual, Miquel Milà, Tomas Pariente, Ricard Munné, Giuseppe La Rocca, Giannis Ledakis, Konstantinos Theodosiou, Konstantinos Oikonomou, Ilias Maglogiannis, Thanos Kiourtis (+3 others)
2020 Zenodo  
This is broken down to 3 key components that can be combined, along with a test client, in order to demonstrate the access control capabilities to the use cases and to proceed with the definition of an  ...  This first version of the prototype also includes an ABAC based access control mechanism suitable for Policy Cloud.  ...  On top of this, Flask framework is being used in order to create a robust and flexible API service.  ... 
doi:10.5281/zenodo.4560370 fatcat:ekodg6o6prblvnhupwngrivw7a

SafeRESTScript: Statically Checking REST API Consumers [article]

Nuno Burnay and Antónia Lopes and Vasco T. Vasconcelos
2020 arXiv   pre-print
Nowadays programmers of web applications can choose TypeScript over JavaScript to benefit from static type checking that enables validating calls to local functions or to those provided by libraries.  ...  Specifications are written in HeadREST, a language that also features refinement types and supports the description of semantic aspects of REST APIs in a style reminiscent of Hoare triples.  ...  This paper presents an approach to API consumer code development based on two new languages: HeadREST, a specification language for REST APIs with a rich type system that supports the specification of  ... 
arXiv:2007.08048v1 fatcat:utj4s7ltnvh5tj7v5sosv6k42e

Applying Model-Driven Engineering to Stimulate the Adoption of DevOps Processes in Small and Medium-Sized Development Organizations [article]

Jonas Sorgalla, Philip Wizenty, Florian Rademacher, Sabine Sachweh, Albert Zündorf
2021 arXiv   pre-print
To implement the workflow, we extend LEMMA with the functionality to (i) generate models from API documentation; (ii) reference remote models owned by other teams; (iii) generate deployment specifications  ...  To support DevOps teams of SMOs in coping with these challenges, we present a model-driven workflow based on LEMMA - the Language Ecosystem for Modeling Microservice Architecture.  ...  First, using the Swagger parsing framework 14 , an OAS conform API model in the YAML [6] or JSON [21] format is converted into an in-memory API Model.  ... 
arXiv:2107.12425v1 fatcat:k7zy2qr3unbjjomrwbtptukoni

Pythia: Grammar-Based Fuzzing of REST APIs with Coverage-guided Feedback and Learning-based Mutations [article]

Vaggelis Atlidakis, Roxana Geambasu, Patrice Godefroid, Marina Polishchuk, Baishakhi Ray
2020 arXiv   pre-print
Pythia uses a statistical model to learn common usage patterns of a target REST API from structurally valid seed inputs.  ...  This paper introduces Pythia, the first fuzzer that augments grammar-based fuzzing with coverage-guided feedback and a learning-based mutation strategy for stateful REST API fuzzing.  ...  Stateful REST API fuzzing, introduced by RESTler [3] , is a grammar-based fuzzing approach that statically analyzes the documentation of a REST API (given in an API specification language, such as OpenAPI  ... 
arXiv:2005.11498v1 fatcat:oqrkilpbmbgwvemwo2fmndzfcq

CloudLaunch: Discover and Deploy Cloud Applications [article]

Enis Afgan, Andrew Lonie, James Taylor, Nuwan Goonasekera
2018 arXiv   pre-print
However, the process of making complex-to-deploy applications available across different cloud providers requires isolated and uncoordinated application-specific solutions, often locking-in developers  ...  to a particular cloud provider.  ...  Back-end Layer The back-end of the framework is exposed through a self-documenting, browsable REST API.  ... 
arXiv:1805.04005v2 fatcat:ny2oquchaffexlmt4zuedb4sqm
« Previous Showing results 1 — 15 out of 125 results