5 research outputs found
A Catalogue of Inter-Parameter Dependencies in RESTful Web APIs
Web services often impose dependency constraints that re strict the way in which two or more input parameters can be combined
to form valid calls to the service. Unfortunately, current specification
languages for web services like the OpenAPI Specification provide no
support for the formal description of such dependencies, which makes
it hardly possible to automatically discover and interact with services
without human intervention. Researchers and practitioners are openly
requesting support for modelling and validating dependencies among in put parameters in web APIs, but this is not possible unless we share a
deep understanding of how dependencies emerge in practice—the aim of
this work. In this paper, we present a thorough study on the presence
of dependency constraints among input parameters in web APIs in in dustry. The study is based on a review of more than 2.5K operations
from 40 real-world RESTful APIs from multiple application domains.
Overall, our findings show that input dependencies are the norm, rather
than the exception, with 85% of the reviewed APIs having some kind of
dependency among their input parameters. As the main outcome of our
study, we present a catalogue of seven types of dependencies consistently
found in RESTful web APIsMinisterio de Economía y Competitividad BELI (TIN2015-70560-R)Ministerio de Ciencia, Innovación y Universidades Horatio RTI2018-101204-B-C21Ministerio de Educación, Cultura y Deporte FPU17/0407
Inter-Parameter Dependencies in Real-World Web APIs: The IDEA Dataset
Context: Web services often impose constraints that restrict the way in which two or more input parameters can be combined to form valid calls to the service, so-called inter-parameter dependencies. Current API design languages like the OpenAPI Specification (OAS) provide no support for their formal description, making it hardly possible to automatically discover and interact with services without human intervention. Researchers and practitioners are openly requesting support for modelling and validating inter-parameter dependencies in web APIs, but this is not possible unless we share a deep understanding of how these dependencies emerge in practice. Objective: We aim to provide evidence on how inter-parameter dependencies are used in real-world web APIs. This evidence will hopefully serve as a basis for future proposals for modelling and analysing inter-parameter dependencies and will open a new range of research possibilities in areas related to service-oriented computing. Method: The documentation of 2,557 operations from 40 real-world web APIs was reviewed and carefully analysed, and 633 inter-parameter dependencies were found and classified into seven different types. Results: A machine-readable dataset was generated. This dataset helps understand the dimension and recurrence of inter-parameter dependencies in web APIs, as well as their taxonomy.Ministerio de Ciencia e Innovación HORATIO (RTI2018-101204–B–C21)Junta de Andalucía APOLO (US-1264651)Junta de Andalucía EKIPMENTPLUS (P18–FR–2895)Ministerio de Educación y Formación Profesional FPU17/0407
Automated analysis of inter-parameter dependencies in web APIs
Web services often impose constraintsthat restrict the way in which
two or more input parameters can be combined to form valid calls
to the service, i.e. inter-parameter dependencies. Current web API
specification languages like the OpenAPI Specification (OAS) pro vide no support for the formal description of such dependencies,
making it hardly possible to interact with the services without
human intervention. We propose specifying and automatically ana lyzing inter-parameter dependencies in web APIs. To this end, we
propose a domain-specific language to describe these dependencies,
a constraint programming-aided tool supporting their automated
analysis, and an OAS extension integrating our approach and eas ing its adoption. Together, these contributions open a new range of
possibilities in areas such as source code generation and testin
AI-driven web API testing
Testing of web APIs is nowadays more critical than ever before,
as they are the current standard for software integration. A bug
in an organization’s web API could have a huge impact both in ternally (services relying on that API) and externally (third-party
applications and end users). Most existing tools and testing ap proaches require writing tests or instrumenting the system under
test (SUT). The main aim of this dissertation is to take web API
testing to an unprecedented level of automation and thoroughness.
To this end, we plan to apply artificial intelligence (AI) techniques
for the autonomous detection of software failures. Specifically, the
idea is to develop intelligent programs (we call them “bots”) ca pable of generating hundreds, thousands or even millions of test
inputs and to evaluate whether the test outputs are correct based
on: 1) patterns learned from previous executions of the SUT; and 2)
knowledge gained from analyzing thousands of similar programs.
Evaluation results of our initial prototype are promising, with bugs
being automatically detected in some real-world APIs.Ministerio de Economía y Competitividad BELI (TIN2015-70560-R)Ministerio de Ciencia, Innovación y Universidades RTI2018-101204-B-C21 (HORATIO)Ministerio de Educación, Cultura y Deporte FPU17/0407