Debugging Chronicles: Postman for Network Debugging
Postman is an HTTPClient that we might use for a variety of reasons. As a mobile developer, I use Postman when there is a lack of documentation, a network-related fault that needs to be reported to a colleague, or to save time when converting a json structure into request/response bodies. For these reasons, I want to share some awesome Postman tips with you today. Below is our roadmap highlighting the topics we’ll cover. Now let’s get started! 🚀
− Postman: Unleashing the Power of Debugging Network Operations
− Data Driven Testing with Postman
− Adding Test Scripts
− Authorization
− Essential Security Tip for Authorization
− Convert JSON to Swift Models
− Creating a Mock Server
−− Step 1: Create a New Collection
−− Step 2: Add Example
−− Step 3: Add Mock Server
−− Step 4: Configure Your Client
Postman: Unleashing the Power of Debugging Network Operations
Postman can be used for API development, testing, and management, and it is available both as a browser-based tool and as a desktop app. In Postman, Workspaces help you organize your API work and collaborate with others across your organization or around the world.
The Postman UI consists of four main sections: the Header, Sidebar, Builder, and Status Bar. Within Postman, you can group requests under Collections, which can be downloaded as JSON files, exported, and shared with anyone.
Postman variables are key-value pairs that improve reusability by letting you store and use commonly used or common values. It is efficient to store all common and repeated values in variables since they allow for the advantage of making changes in one place when a variable is being used in different contexts. Variables can be referenced in requests, scripts, collections, and environments. They can be generated at the following scopes: global, collection, environment, data, and local.
Please remember that it’s not crucial to include variables. To keep things more organized, I’m going to demonstrate this functionality to you.
Data Driven Testing with Postman
You can insert a csv/json file to execute multiple requests.
You need to first run collection in order to start data-driven testing. I will make an effort to provide screenshots for each detail.
You are more aware of your needs. In my situation, all I need is a header field for a receive request. I only defined an endpoint, though.
This is how I input every endpoint that I wanted to test. I afterwards saved it as a JSON file. If you’d like, you can alternatively create a CSV file.
When you view the preview data, everything appears to be clear and in order.
Finally, I specify that when using a script like this, I expect to receive a status code of 200. Last but not least, I also define that I expect status code 200 with a script like this.
Now let’s run and see if the requests work as expected.
Adding Test Scripts
Scripts are useful for verifying whether your requests meet your expectations. For instance, I have a similar endpoint that provides me with the characters organized by page number.
I anticipate receiving a 200 status code from this endpoint and a response within a specific time frame. I therefore defined test scripts in the tests section in that manner. You are free to define anything you require.
After the definition, I can view the test results in my console after saving and running it.
Authorization
Authorization in Postman is essential for accessing secured APIs, ensuring that requests have the necessary permissions. Postman supports several types of authorization methods to cater to different security requirements:
- API Key: A simple and commonly used method where a key is included in the request header or URL to authenticate the client.
- Bearer Token: This method uses a token, typically a JSON Web Token (JWT), included in the request header to verify the user’s identity and permissions.
- Basic Auth: A straightforward method where the username and password are encoded in Base64 and sent in the request header.
- Digest Auth: A more secure alternative to Basic Auth that involves sending a hashed version of the credentials, providing protection against replay attacks.
- OAuth 1.0: An older protocol used for authorization, involving multiple steps to obtain an access token for authenticating requests.
- OAuth 2.0: A more modern and widely used protocol that provides various flows (such as Authorization Code, Implicit, Password Credentials, and Client Credentials) to obtain access tokens for secure API access.
- Hawk Authentication: A method similar to OAuth but simpler, using a cryptographic algorithm to create request signatures.
I am going to demostrate you how to configure your postman with a Bearer token.
Using the Bearer token definition, I was able to successfully obtain the response. But this isn’t configured in any way. It would be more efficient to use environment variables and store the token securely.
Essential Security Tip for Authorization
If you want to share your queries with another member of your team, it may be necessary to do so discreetly.
You can construct an environment variable for this, and just enter the token into the current value field while entering a definition into the initial value field.
After defining the secret token value in the environment, you should first select your environment, then enter your variable name in order to use it.
Now, token is not exposed and we can use it securely.
Convert JSON to Swift Models
Postman can convert an API request into a code snippet in a programming language in just a few clicks.
Unfortunately, I could not discover any support for Responses right now, but don’t worry, it is still fairly simple to convert. I use jsonformatter.org
And it is your privilege to give any name to your models; just make sure to change the references correctly.
Creating a Mock Server
Creating a mock server is essentially in cases when you don’t have any working backend environment or published version of an endpoint that you need. I am going to use postman-echo.com
in order to define my requests. postman-echo.com
is a service provided by Postman that allows you to test your REST APIs by making various types of requests.
Step 1: Create a New Collection
Let’s start by creating a new collection for the mock server to-be.
I don’t have any endpoints right now, since backend is unavailable. So I just go a head and enter https://postman-echo.com/get and save this request. As you see, it returns me a successful response.
Step 2: Add Example
Next step is to save the response as example by pushing the button “Save as Example” button, since I want to add different requests and mock responses.
Example Request 1: Get users
Now I changed the url as https://postman-echo.com/getUsers then entering my json response to the bottom field. However this will not work before I enter a mock server for it.
Step 3: Add Mock Server
I simply tap the Mock Servers button on the left hand side. If you cannot see it, you can tap on the last + button to display it.
I am selecting my Mock Collection where my mock endpoint is defined.
I am filling the required fields and finalizing the creation by pushing the create mock server button.
Now you are supposed to see this view where the url of the mock server is mentioned. Copy it for further configuration.
Now that you have created your mock server, go back to the collection and replace the https://postman-echo.com/ url with the mock server url that you have recently captured, save and try.
Congratulations! Now we have a functioning mock server. The further step is to use it from client.
Added more requests: Get appointments of each user
I have added more requests and mock responses to display appointments of each user and used the same mock server url for each.
Step 4: Configure Your Client
I configured my url requests as follows. You can integrate your own logic depending on your needs. Feel free to download/inspect my reference project.
struct UserMockAPI {
enum ApiConfig {
private static let baseURL: String = "https://fdc39d9d-cbf6-4ce2-b0dd-3861a530172a.mock.pstmn.io/"
case all
case appointments(userId: String)
var url: String {
switch self {
case .all:
return "\(Self.baseURL)getUsers"
case let .appointments(userId):
return "\(Self.baseURL)getAppointments/?userId=\(userId)"
}
}
}
}
Everything works as expected, and I’ve already implemented the feature despite not having a real backend at the moment. Postman’s mock server tool provides us with the capability to simulate the backend, allowing us to test and develop seamlessly.
As a conclusion
We have covered essential features of Postman that might be helpful when debugging the Network Layer. It allows every kinds of developer to send requests to APIs and inspect the responses. This is particularly useful for mobile developers who need to diagnose problems related to network requests in their apps.
I’m excited to connect with you in future articles. Until then, stay curious and keep learning!