
Security News
Open Source CAI Framework Handles Pen Testing Tasks up to 3,600× Faster Than Humans
CAI is a new open source AI framework that automates penetration testing tasks like scanning and exploitation up to 3,600× faster than humans.
robotframework-openapidriver
Advanced tools
OpenApiDriver is an extension of the Robot Framework® DataDriver library that allows for generation and execution of test cases based on the information in an OpenAPI document (also known as Swagger document). This document explains how to use the OpenApiDriver library.
For more information about Robot Framework®, see http://robotframework.org.
For more information about the DataDriver library, see https://github.com/Snooz82/robotframework-datadriver.
Note: OpenApiDriver is still under development so there are currently restrictions / limitations that you may encounter when using this library to run tests against an API. See Limitations for details.
If you already have Python >= 3.8 with pip installed, you can simply run:
pip install --upgrade robotframework-openapidriver
The OpenAPI Specification (OAS) defines a standard, language-agnostic interface to RESTful APIs, see https://swagger.io/specification/
The OpenApiDriver module implements a reader class that generates a test case for each path, method and response (i.e. every response for each endpoint) that is defined in an OpenAPI document, typically an openapi.json or openapi.yaml file.
Note: OpenApiDriver is designed for APIs based on the OAS v3 The library has not been tested for APIs based on the OAS v2.
Before trying to use OpenApiDriver to run automatic validations on the target API it's recommended to first ensure that the openapi document for the API is valid under the OpenAPI Specification.
This can be done using the command line interface of a package that is installed as
a prerequisite for OpenApiDriver.
Both a local openapi.json or openapi.yaml file or one hosted by the API server
can be checked using the prance validate <reference_to_file>
shell command:
prance validate --backend=openapi-spec-validator http://localhost:8000/openapi.json
Processing "http://localhost:8000/openapi.json"...
-> Resolving external references.
Validates OK as OpenAPI 3.0.2!
prance validate --backend=openapi-spec-validator /tests/files/petstore_openapi.yaml
Processing "/tests/files/petstore_openapi.yaml"...
-> Resolving external references.
Validates OK as OpenAPI 3.0.2!
You'll have to change the url or file reference to the location of the openapi document for your API.
Note: Although recursion is technically allowed under the OAS, tool support is limited and changing the OAS to not use recursion is recommended. OpenApiDriver has limited support for parsing OpenAPI documents with recursion in them. See the
recursion_limit
andrecursion_default
parameters.
If the openapi document passes this validation, the next step is trying to do a test
run with a minimal test suite.
The example below can be used, with source
and origin
altered to fit your situation.
*** Settings ***
Library OpenApiDriver
... source=http://localhost:8000/openapi.json
... origin=http://localhost:8000
Test Template Validate Using Test Endpoint Keyword
*** Test Cases ***
Test Endpoint for ${method} on ${path} where ${status_code} is expected
*** Keywords ***
Validate Using Test Endpoint Keyword
[Arguments] ${path} ${method} ${status_code}
Test Endpoint
... path=${path} method=${method} status_code=${status_code}
Running the above suite for the first time is likely to result in some
errors / failed tests.
You should look at the Robot Framework log.html
to determine the reasons
for the failing tests.
Depending on the reasons for the failures, different solutions are possible.
Details about the OpenApiDriver library parameters that you may need can be found here.
The OpenApiDriver also support handling of relations between resources within the scope of the API being validated as well as handling dependencies on resources outside the scope of the API. In addition there is support for handling restrictions on the values of parameters and properties.
Details about the mappings_path
variable usage can be found
here.
There are currently a number of limitations to supported API structures, supported data types and properties. The following list details the most important ones:
FAQs
A library for contract-testing OpenAPI / Swagger APIs.
We found that robotframework-openapidriver demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
CAI is a new open source AI framework that automates penetration testing tasks like scanning and exploitation up to 3,600× faster than humans.
Security News
Deno 2.4 brings back bundling, improves dependency updates and telemetry, and makes the runtime more practical for real-world JavaScript projects.
Security News
CVEForecast.org uses machine learning to project a record-breaking surge in vulnerability disclosures in 2025.