hyperactive
Advanced tools
Small utility used to actively test your API by crawling the hypermedia links
hyperactive crawls your API responses, and creates mocha tests for each unique link it finds. Simply pass in some basic config and it will do the rest.
var hyperactive = require('hyperactive');
describe("My API", function() {
it("should be discoverable", function() {
hyperactive.crawl({
url: "http://myApiEndpoint.com/route",
options: {
headers: {
Accept: "application/json"
}
}
});
})
})
Hyperactive will then recursively crawl your API, and make sure it can make a GET request to every URL.
Any 4xx or 5xx status code while crawling makes the corresponding test fail, and the usual Mocha summary gets printed at the end:
1) http://my-api.com/route/that/fails
Bad status 404
70 passing (2613ms)
1 failing
Note: hyperactive needs to run as part of a mocha test suite.
If you want to run it in a different context, just make sure it and describe are defined in the global scope.
For SSL and basicAuth, just add the following to the config:
var hyperactive = require('hyperactive');
describe("My API", function() {
it("should be discoverable", function() {
hyperactive.crawl({
url: "http://myApiEndpoint.com/route",
options: {
headers: {
Accept: "application/json"
},
auth : {
user: "myUsername",
pass: "myPassword"
},
secureProtocol : "SSLv3_client_method",
strictSSL : false
}
});
})
})
Note: hyperactive uses unirest to send requests. The options hash can contain any valid Request option from unirest.
By default, hyperactive looks for links according to the HAL spec:
{
"resource": {
"name": "my resource",
"id": 1,
"_links": {
"link1": {
"href": "http://myApiEndpoint.com/route1"
},
"link2": {
"href": "http://myApiEndpoint.com/route2"
}
}
}
}
If you have a different format for links, you can pass your own link finder. For example, if your API returns the following:
{
"resource": {
"name": "my resource",
"id": 1
},
"links": [
"http://myApiEndpoint.com/route1",
"http://myApiEndpoint.com/route2"
]
}
then you can call hyperactive with:
function getLinks(responseBody) {
return responseBody.links;
}
hyperactive.crawl({
url: "http://myApiEndpoint.com/route",
options: {
headers: {
Accept: "application/json"
},
},
getLinks: getLinks
});
The getLinks function receives a Unirest response and should return an array of links for that response. It's up to you to get these links recursively if you have links nested at several levels inside the response.
By default hyperactive just checks that each response returns a HTTP 200
(i.e. res.ok === true).
You can also pass custom validation function.
For example, if you have the following response:
{
"success": true,
"resource": {
"name": "my resource",
"id": 1,
"_links": {
"link1": {
"href": "http://myApiEndpoint.com/route1"
},
"link2": {
"href": "http://myApiEndpoint.com/route2"
}
}
}
}
Then you can validate it with:
function validate(url, responseBody) {
if(url.match(/some-url/)) {
return responseBody.success;
}
return true;
}
hyperactive.crawl({
url: "http://myApiEndpoint.com/route",
options: {
headers: {
Accept: "application/json"
},
},
validate: validate
});
By default, yes. If that's taking too long, you can also crawl a percentage of all links:
hyperactive.crawl({
url: "http://myApiEndpoint.com/route",
options: {
headers: {
Accept: "application/json"
},
},
samplePercentage: 75
});
Yes, you have to specify the values to be used in the URI template
hyperactive.crawl({
url: "http://myApiEndpoint.com/route",
templateValues: {
jurisdiction: 'NSW'
}
});
Even the start url could be a template
hyperactive.crawl({
url: "http://myApiEndpoint.com/route?jurisdiction={jurisdiction}",
templateValues: {
jurisdiction: 'NSW'
}
});
By default, hyperactive fails any URL that responds with 4xx or 5xx. To handle intermittent issues, you can pass a custom recover function, which can make a test pass despite the errors. Note that this doesn't handle any errors returned from your custom validate function, this is just for recovering from HTTP errors.
For example, you can setup a threshold for 400 errors using:
var failures = 0;
hyperactive.crawl({
recover: function(res) {
return (res.statusCode === 400 && ++failure < 10);
}
});
The usual process:
npm install
npm test
And if everything is passing, submit a pull request :)
FAQs
Creates mocha tests for all hypermedia of your API
We found that hyperactive demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
Security News
Socket CEO Feross Aboukhadijeh discusses open source security challenges, including zero-day attacks and supply chain risks, on the Cyber Security Council podcast.
Security News
Research
Socket researchers uncover how threat actors weaponize Out-of-Band Application Security Testing (OAST) techniques across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.