When it comes to testing mobile applications it becomes harder to build and execute with traditional tools that focus on UI. There are a lot of moving parts, usually, it requires coding, involves a lot of maintenance, and often suffers from instability, but it doesn’t have to be like that.
In this article, I will show you how to capture the behavior of your mobile application and turn it into end-to-end API-driven flows in a fun way and with a fraction of the effort compared to other methods out there.
Mobile testing is hard
Slow - Mobile testing tools don’t excel in speed, simulating user interaction usually comes with overhead. That’s also due to the fact that mobile applications aren’t built around testing and have near-human latency.
Flaky - Behavior and UI often change and break tests that rely on specific elements or flows that were changed.
Expensive - Traditional mobile testing will occupy expensive devices for a long time and will require more resources to maintain and analyze them.
Hard to maintain - It is difficult to get to the root cause of mobile tests failures, they’re hard to debug and contain multiple moving parts. On top of that mobile tests will be usually built with code that adds complexity and requires expertise.
Higher entry barrier - Most of the tools out there will require coding, deploying new frameworks, and getting to know and use them, which will add to the learning curve.
Impossible with rich graphic applications - Dynamic applications with progressive animations or continuous state (ie. Games, Navigation, Imaging, etc.) are almost impossible to automate due to their chaotic nature, as a result, if it was possible it would still break the simple philosophy of test automation.
Introducing Mobile integration testing
Testing the behavior of applications without falling into the noted pitfalls can be easily achieved with end-to-end API testing. APIs by nature are fast, stable, reliable, seldom break and now easy to build, maintain and don't require coding. In the next section we will see exactly how to build our first test out of any mobile application.
Generating tests from user behavior on any/your mobile app- high level
This is how our setup will look like on a high level
The following steps will be required to accomplish your first test:
*Setup an android application on android emulator device on your machine (Mac)
*Setup proxy engine (Proxyman)
Capture user behavior
Generating automated tests with Loadmill
* Required only for the initial setup
Next is the detailed step-by-step tutorial on how to set it all and make your first test.
Setup android application using the Andorid emulator
Download Android Studio
Note, Make sure you install the right version for your chipset.
Note, There’s no need to create a project through the initial screen.
Create a new android device
Open the device manager (AVD) - In android studio, select More-actions -> ‘Virtual Device Manager
Click on “Create Device” and select one without the “Play store” logo, then select next.
Select api level 32 and click next. (not all API versions were tested with this method, departing from the recommended version will reduce the chances of your success) Note that arm64 ABI images are optimized for mac silicone, I highly recommend selecting such an image in case you have apple silicon.
Click on “Show advanced settings” and ensure setting enough Internal storage. Click on finish.
Start the newly added device from the device manager (this is the only time we will start it from the device manager, next times we will use a cli command)
Install android application
Install it by dragging the downloaded APK into the running device emulator screen.
Depending on the application you might need to perform initial login and some other first time steps.
After that you can close the device for now.
Setting proxy (Proxyman)
Note that For this tutorial we’ve chosen to use Proxyman but others can be used as well using the same principles.
Make sure you have OpenSSL installed on your mac by running the following command “openssl version”
Make sure you have access to the Android Debug Bridge from your terminal (in your path)
Check this by typing “adb version”
If it is not in your path, link it by running “sudo ln -s ~/Library/Android/sdk/platform-tools/adb /usr/local/bin”
Make sure that you can access the emulator cli from your terminal
Check this by running “emulator version”
If it is not in your path, link it by running “sudo ln -s ~/Library/Android/sdk/emulator/emulator /usr/local/bin”
Download Proxyman & install it
Set Proxyman to use only the external proxy
Preparing the certificate
Proxyman creates a custom SSL certificate to be able to decrypt the app requests
Open this link http://proxy.man/ssl and download the certificate
In the folder you downloaded the certificate to, run the following command to rename the file to the format expected by Android OS -
hashed_name=`openssl x509 -inform PEM -subject_hash_old -in proxyman-ca.pem | head -1` && cp proxyman-ca.pem $hashed_name.0
Deploying the certificate into the device
Execute the following commands in terminal/cmd:
List your AVDs:
emulator -list-avds(previously device should be listed)
Start the desired AVD:
emulator -avd <avd_name_here> -writable-system(after executing this step, an android device should come up on you screen)
restart adb as root:
adb root(open a new terminal tab)
disable secure boot verification:
adb shell avbctl disable-verification
restart adb as root:
adb root(don’t run that command until the emulator is rebooted)
perform remount of partitions as read-write:
adb remount(If adb asking to reboot, reboot again by running adb reboot then again adb root and adb remount)
push your renamed certificate from step C:
adb push <path_to_certificate> /system/etc/security/cacerts
set certificate permissions:
adb shell chmod 664 /system/etc/security/cacerts/<name_of_pushed_certificate>
Validating the certificate on the device
In your on-screen android device -
Navigate to settings -> Security -> Encryption & Credentials -> Trusted Credentials
If all went well you will be able to find (with a little scrolling) “Proxyman LLC” certificate under the “System” tab.
Configuring Proxyman as the proxy on your device
In Proxyman navigate to “Certificate -> Install Certificate on Android -> Physical Devices …” (don’t let the notion of “Physical Devices” confuse you, we won’t follow this guide, just take a few necessary details)
In the “Android setup guide” copy the ip and the port for the next steps.
In your device, navigate to your current wifi settings
Disconnect and click on the edit button
Change the proxy type to ‘Manual’ and insert the ip and the port accordingly. Click save and reconnect back to the wifi.
Capturing user behavior
Starting the device
If your device isn’t running, make sure to start if with the following command:
emulator -avd <avd_name_here> -writable-systemImportant: In order to be able to capture the traffic your device generates, you must start your device from the terminal/cmd with this command each time.
Inserting url(s) into SSL Proxying list Tell ProxyMan what traffic to decrypt by going to “Tools” -> “SSL Proxying List” and add new entry to the include list according to the traffic you’re interested to capture from your application, in my case *.papjohns.com should do the work.
Starting capturing traffic
In ProxyMan make sure you see the ‘pause’ sign in the top left corner, (it means it is turned on).
In your emulator device, open the app, on the first request proxyman should start displaying traffic and you will notice to a new entry under “Remote devices”
Once ‘driving’ the application you should see requests being captured, note to the SSL unlocked sign, it means your requests are being decrypted by ProxyMan. It is also useful (and fun) to click on requests and see the body in a human readable form
Exporting traffic data
Now let’s export the entire set as har file for the next steps, you can either select multiple requests in the list or just right click on the domain and select Export-> as HAR (HTTP Archive)
Save the file on your disk and follow the next section that explains how to generate tests out of it.
Generating automated tests with Loadmill
Import the ‘har’ file
In loadmill test designer (The pen menu-item) navigate to your suite and click on ‘import flow’ (1), select your file and wait up until the import is completed.
Loadmill just created a new API flow from your traffic, note to the parameterization and chaining of all the parameters, it was done automatically with zero effort.
Run your flow Now you can attempt running your new flow (2) from loadmill
Enhancements and advanced topics To get the most out of your tests, to insert global login flow, integrate with your CI system and learn how to make your tests more robust, head to loadmill documentation.