Automatically Identifying Parameter Constraints in Complex Web APIs: A Case Study at Adyen

@article{Grent2021AutomaticallyIP,
  title={Automatically Identifying Parameter Constraints in Complex Web APIs: A Case Study at Adyen},
  author={Henk Grent and Aleksei Akimov and Maur{\'i}cio Finavaro Aniche},
  journal={2021 IEEE/ACM 43rd International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP)},
  year={2021},
  pages={71-80}
}
  • Henk Grent, Aleksei Akimov, M. Aniche
  • Published 1 February 2021
  • Computer Science
  • 2021 IEEE/ACM 43rd International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP)
Web APIs may have constraints on parameters, such that not all parameters are either always required or always optional. Moreover, the presence or value of one parameter could cause another parameter to be required, or parameters could have restrictions on what kinds of values are valid. Having a clear overview of the constraints helps API consumers to integrate without the need for additional support and with fewer integration faults. We made use of existing documentation and code analysis… 

Figures and Tables from this paper

ICSE: G: Automated Management of Inter-Parameter Dependencies in Web APIs
TLDR
This work presents an approach for the automated management of interparameter dependencies in web APIs, and presents a domain-specific language for the description of these dependencies, a mapping to translate them into a constraint satisfaction problem and a catalog of automated analysis operations.

References

SHOWING 1-10 OF 15 REFERENCES
A Catalogue of Inter-parameter Dependencies in RESTful Web APIs
TLDR
This study presents a catalogue of seven types of dependencies consistently found in RESTful web APIs, showing that input dependencies are the norm, rather than the exception, with 85% of the reviewed APIs having some kind of dependency among their input parameters.
Inferring dependency constraints on parameters for web services
TLDR
A novel approach is proposed, called INDICATOR, to automatically infer dependency constraints on parameters for web services, via a hybrid analysis of heterogeneous web service artifacts, including the service documentation, the service SDKs, and the web services themselves.
An Exploratory Study on Faults inWeb API Integration in a Large-Scale Payment Company
TLDR
This work analyzes 2.43 million API error responses to identify the underlying faults and analyzes the occurrence of faults in terms of the frequency and impacted API consumers to show insufficient guidance on certain aspects of the integration is an important challenge to developers.
Inter-parameter Constraints in Contemporary Web APIs
TLDR
It is shown that constraints are common in web APIs, but cannot be expressed in existing machine-readable API specification languages, and envisioned the emergence of constraint-centric specification languages which focus on expressing constraints and describe a prototypical language that supports constraints over multiple parameters.
A field study of API learning obstacles
TLDR
This study conducted a mixed approach, multi-phased study of the obstacles faced by Microsoft developers learning a wide variety of new APIs, with a special focus on obstacles related to API documentation.
Patterns of Knowledge in API Reference Documentation
TLDR
The taxonomy and patterns of knowledge presented can be used to help practitioners evaluate the content of their API documentation, better organize their documentation, and limit the amount of low-value content.
Inferring method specifications from natural language API descriptions
TLDR
This work proposes a novel approach to infer formal specifications from natural language text of API documents and shows that this approach has an average 83% accuracy in inferring specifications from over 1600 sentences describing code contracts.
Inferring Data Contract for Web-Based API
TLDR
This paper presents an approach to infer formal data contracts for Web-based API and demonstrates how this approach infers complicated data preconditions for Web -based API in the real-world Web API platforms.
REST-ler: Automatic Intelligent REST API Fuzzing
TLDR
REST-ler is introduced, the first automatic intelligent REST API security-testing tool that analyzes a Swagger specification and generates tests that exercise the corresponding cloud service through its REST API.
An Empirical Study of API Usability
TLDR
The design of an API usability study is presented which combines interview questions based on the cognitive dimensions framework, with systematic observations of programmer behavior while solving programming tasks based on ``tokens''.
...
...