Advertisement

A Catalogue of Inter-parameter Dependencies in RESTful Web APIs

  • Alberto Martin-LopezEmail author
  • Sergio Segura
  • Antonio Ruiz-Cortés
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11895)

Abstract

Web services often impose dependency constraints that restrict the way in which two or more input parameters can be combined to form valid calls to the service. Unfortunately, current specification languages for web services like the OpenAPI Specification provide no support for the formal description of such dependencies, which makes it hardly possible to automatically discover and interact with services without human intervention. Researchers and practitioners are openly requesting support for modelling and validating dependencies among input parameters in web APIs, but this is not possible unless we share a deep understanding of how dependencies emerge in practice—the aim of this work. In this paper, we present a thorough study on the presence of dependency constraints among input parameters in web APIs in industry. The study is based on a review of more than 2.5K operations from 40 real-world RESTful APIs from multiple application domains. Overall, our findings show that input dependencies are the norm, rather than the exception, with 85% of the reviewed APIs having some kind of dependency among their input parameters. As the main outcome of our study, we present a catalogue of seven types of dependencies consistently found in RESTful web APIs.

Keywords

Web services Constraints Parameter dependencies 

Notes

Acknowledgements

This work has been partially supported by the European Commission (FEDER) and Spanish Government under projects BELI (TIN2015-70560-R) and HORATIO (RTI2018-101204-B-C21), and the FPU scholarship program, granted by the Spanish Ministry of Education and Vocational Training (FPU17/04077). We would also like to thank Enrique Barba Roque and Julián Gómez Rodríguez for their help in analysing the documentation of some of the APIs considered for this study.

References

  1. 1.
    Arcuri, A.: RESTful API automated test case generation with EvoMaster. ACM Trans. Softw. Eng. Methodol. 28(1), 3 (2019)CrossRefGoogle Scholar
  2. 2.
    Atlidakis, V., Godefroid, P., Polishchuk, M.: REST-ler: automatic intelligent REST API Fuzzing. Technical report, April 2018Google Scholar
  3. 3.
    Benavides, D., Segura, S., Ruiz-Cortés, A.: Automated analysis of feature models 20 years later: a literature review. Inf. Syst. 35(6), 615–636 (2010)CrossRefGoogle Scholar
  4. 4.
    Cacciagrano, D., Corradini, F., Culmone, R., Vito, L.: Dynamic constraint-based invocation of web services. In: 3rd International Workshop on Web Services and Formal Methods, pp. 138–147 (2006)Google Scholar
  5. 5.
    Inter-Parameter Dependencies in RESTful APIs [Dataset] (2019). https://bit.ly/2wvv1m1
  6. 6.
    Ed-douibi, H., Izquierdo, J.L.C., Cabot, J.: Automatic generation of test cases for REST APIs: a specification-based approach. In: IEEE 22nd International Enterprise Distributed Object Computing Conference, pp. 181–190 (2018)Google Scholar
  7. 7.
    Fielding, R.T.: Architectural styles and the design of network-based software architectures. Ph.D. thesis (2000)Google Scholar
  8. 8.
    Gamez-Diaz, A., Fernandez, P., Ruiz-Cortés, A.: Automating SLA-Driven API development with SLA4OAI. In: 17th International Conference on Service-Oriented Computing (2019)Google Scholar
  9. 9.
    Gao, C., Wei, J., Zhong, H., Huang, T.: Inferring data contract for web-based API. In: IEEE International Conference on Web Services, pp. 65–72 (2014)Google Scholar
  10. 10.
    Jacobson, D., Brail, G., Woods, D.: APIs: A Strategy Guide. O’Reilly Media, Inc., Sebastopol (2011)Google Scholar
  11. 11.
    Martin-Lopez, A., Segura, S., Ruiz-Cortés, A.: Test coverage criteria for RESTful Web APIs. In: Proceedings of the 10th ACM SIGSOFT International Workshop on Automating TEST Case Design, Selection, and Evaluation (A-TEST 2019) (2019)Google Scholar
  12. 12.
    Oostvogels, N., De Koster, J., De Meuter, W.: Inter-parameter constraints in contemporary web APIs. In: Cabot, J., De Virgilio, R., Torlone, R. (eds.) ICWE 2017. LNCS, vol. 10360, pp. 323–335. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-60131-1_18CrossRefGoogle Scholar
  13. 13.
    OpenAPI Specification. https://github.com/OAI/OpenAPI-Specification. Accessed March 2019
  14. 14.
    ProgrammableWeb API Directory. http://www.programmableweb.com/. Accessed March 2019
  15. 15.
    RESTful API Modeling Language (RAML). http://raml.org/. Accessed March 2019
  16. 16.
    RapidAPI API Directory. https://rapidapi.com. Accessed March 2019
  17. 17.
    Richardson, L., Amundsen, M., Ruby, S.: RESTful Web APIs. O’Reilly Media, Inc., Sebastopol (2013)Google Scholar
  18. 18.
    Segura, S., Parejo, J.A., Troya, J., Ruiz-Cortés, A.: Metamorphic testing of RESTful web APIs. IEEE Trans. Softw. Eng. 44(11), 1083–1099 (2018)CrossRefGoogle Scholar
  19. 19.
    Swagger. http://swagger.io/. Accessed March 2019
  20. 20.
    Text Analyzer - Text analysis Tool. https://www.online-utility.org/text/analyzer.jsp. Accessed April 2019
  21. 21.
    Wu, Q., Wu, L., Liang, G., Wang, Q., Xie, T., Mei, H.: Inferring dependency constraints on parameters for web services. In: Proceedings of the 22nd International Conference on World Wide Web, pp. 1421–1432 (2013)Google Scholar
  22. 22.
    Xu, L., Yuan, Q., Wu, J., Liu, C.: Ontology-based web service robustness test generation. In: IEEE International Symposium on Web Systems Evolution, pp. 59–68 (2009)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Alberto Martin-Lopez
    • 1
    Email author
  • Sergio Segura
    • 1
  • Antonio Ruiz-Cortés
    • 1
  1. 1.Department of Computer Languages and SystemsUniversidad de SevillaSevilleSpain

Personalised recommendations