Webhook Testing Strategy

D
Dimpy Adhikary
Beyond The Callback: Webhook Testing For Modern Applications By Dimpy Adhikary, Quality Analyst, Thoughtworks
Agenda 01 - Introduction to Webhook Why/What/How 02 - Webhook Demo Simple webhook implementation 03 - Challenges in Webhook What can go wrong 04 - Webhook Testing Strategy How to test a webhook based application
ECOMMERCE Inventory Management Use Cases MARKETING AUTOMATION Personalized Campaign HEALTHCARE SERVICES Patient Data Sharing FINANCIAL SERVICES Loan Application Process Why Webhook
ECOMMERCE What is Webhook Source app Payload Destination App Event Webhook URL Webhook is a user specified HTTP callback that get triggered by some event to connect and share data between two applications.
How Webhook Works Register For The Event In Source App Received Data And Taking Action In Source App Repeat The Process Waiting For The Event In Destination App Setting Up The Webhook (Callback URL) In Source App Event Is triggered In Source App
ECOMMERCE Polling Vs Webhook Polling Webhooks Request origin Client Server Trigger Client-initiated Server-initiated Frequency Scheduled or continuous Event-driven Efficiency Less efficient More efficient Scalability Less scalable More scalable
Weather Notification - Webhook Demo Prerequisite: - Python (pip install flask,requests) - Curl ● Users can subscribe to receive weather updates for specific cities. ● When the weather conditions match their preferences, a webhook is sent to the user's registered endpoint. Implementation: - sender.py - Send webhook notification - receiver.py - Listen for incoming weather notification. Simulation of the event: curl -X POST -H "Content-Type: application/json" -d '{"city": "city1", "weather": "sunny", "user_endpoints": {"city1": "http://localhost:3000/receive_weather_notification", "city2": "http://localhost:3000/receive_weather_notification"}}' http://localhost:5000/simulate_weather_update
Challenges in Webhook Payload - Contract change - Missing data - Invalid data Configuration - IP white listing - Incorrect URL/payload format - Token expiry - Incorrect token/credentials - Wrong event association - Incorrect rate limiting Error Handling - Unhandled errors - No error retry mechanism - No error notification
Challenges in Webhook Performance - Slow webhook processing - Timeout error - Resource exhaustion - Scalability issues Resilience - Availability - Idempotence - External dependencies - Async communication - Network failures Security - Unauthorized access - Data breaches - Replay attacks - DoS attacks Compliance - Data privacy regulations (GDPR) - Financial regulations (PCI) - Industry-specific regulations (HIPPA)
Testing Strategy Functional Testing - Configuration - Error handling - Integration - User journey Reliability Testing - Simulating failures - Infra testing - Retry mechanism - Monitoring Performance Testing - Load/Stress/Volume testing Contract testing - Payload/schema - Consumer/provider driven Compliance Testing - Data compliance - PCI/PII Security Testing - OWASP top 10 - Attack simulation
1 of 10

Webhook Testing Strategy

Download to read offline
Technology

This presentation covers webhook testing strategy for microservice based application

D
Dimpy Adhikary

Recommended

High Availability by DesignHigh Availability by Design
High Availability by DesignDavid Prinzing
408 views14 slides
02 api gateway02 api gateway
02 api gatewayJanani Velmurugan
233 views20 slides
Server-Sent Events in ActionServer-Sent Events in Action
Server-Sent Events in ActionAndrei Rusu
12.4K views21 slides
How to build customizable multitenant web applications - IPC11 Spring EditionHow to build customizable multitenant web applications - IPC11 Spring Edition
How to build customizable multitenant web applications - IPC11 Spring EditionStephan Hochdörfer
16.3K views89 slides
Event Driven Streaming Analytics - Demostration on Architecture of IoTEvent Driven Streaming Analytics - Demostration on Architecture of IoT
Event Driven Streaming Analytics - Demostration on Architecture of IoTLei Xu
1.7K views32 slides
IRJET- An Overview of Web Sockets: The Future of Real-Time CommunicationIRJET- An Overview of Web Sockets: The Future of Real-Time Communication
IRJET- An Overview of Web Sockets: The Future of Real-Time CommunicationIRJET Journal
14 views4 slides

More Related Content

Similar to Webhook Testing Strategy

Similar to Webhook Testing Strategy(20)

Petr Dvořák: Mobilní webové služby pohledem iPhone developeraPetr Dvořák: Mobilní webové služby pohledem iPhone developera
Petr Dvořák: Mobilní webové služby pohledem iPhone developera
WebExpo398 views
Service workers and their role in PWAsService workers and their role in PWAs
Service workers and their role in PWAs
Ipsha Bhidonia72 views
Event-Based API Patterns and PracticesEvent-Based API Patterns and Practices
Event-Based API Patterns and Practices
LaunchAny46 views
API Security - Null meetAPI Security - Null meet
API Security - Null meet
vinoth kumar2.1K views
Are You Ready For More Visitors Cognizant Gomez Jan20Are You Ready For More Visitors Cognizant Gomez Jan20
Are You Ready For More Visitors Cognizant Gomez Jan20
Compuware APM844 views
Magical Performance tuning with GomezMagical Performance tuning with Gomez
Magical Performance tuning with Gomez
mcsaha674 views
Don't call us - we'll push - cross tier push architecture (JavaOne 2011)Don't call us - we'll push - cross tier push architecture (JavaOne 2011)
Don't call us - we'll push - cross tier push architecture (JavaOne 2011)
Lucas Jellema2.3K views
Statying Alive - Online and OFflineStatying Alive - Online and OFfline
Statying Alive - Online and OFfline
Erik Hellman1.5K views
Webservices Testing PPT.pdfWebservices Testing PPT.pdf
Webservices Testing PPT.pdf
AbhishekDhotre44 views
Event driven architecureEvent driven architecure
Event driven architecure
Touraj Ebrahimi333 views
PHP Continuous Data ProcessingPHP Continuous Data Processing
PHP Continuous Data Processing
Michael Peacock765 views
Difference between Client Polling vs Server Push vs Websocket vs Long PollingDifference between Client Polling vs Server Push vs Websocket vs Long Polling
Difference between Client Polling vs Server Push vs Websocket vs Long Polling
jeetendra mandal370 views
Building Event Driven API Services Using WebhooksBuilding Event Driven API Services Using Webhooks
Building Event Driven API Services Using Webhooks
Cloud Elements5.1K views
Live Streaming & Server Sent EventsLive Streaming & Server Sent Events
Live Streaming & Server Sent Events
tkramar7.5K views
[WSO2Con EU 2018] Building Reactive Applications Using Event Driven Architecture[WSO2Con EU 2018] Building Reactive Applications Using Event Driven Architecture
[WSO2Con EU 2018] Building Reactive Applications Using Event Driven Architecture
WSO2319 views
WebhooksWebhooks
Webhooks
Priyank Thada505 views
Events, Picos, and MicroservicesEvents, Picos, and Microservices
Events, Picos, and Microservices
Phil Windley6.8K views
Multiple_Vendors_Part-1Multiple_Vendors_Part-1
Multiple_Vendors_Part-1
Philip Storey142 views
Sencha Roadshow 2017: Build Progressive Web Apps with Ext JS and Cmd Sencha Roadshow 2017: Build Progressive Web Apps with Ext JS and Cmd
Sencha Roadshow 2017: Build Progressive Web Apps with Ext JS and Cmd
Sencha1.1K views
EWD 3 Training Course Part 6: What Happens when a QEWD Application is StartedEWD 3 Training Course Part 6: What Happens when a QEWD Application is Started
EWD 3 Training Course Part 6: What Happens when a QEWD Application is Started
Rob Tweed1K views

Recently uploaded

Recently uploaded(20)

"Quality Assurance: Achieving Excellence in startup without a Dedicated QA", ..."Quality Assurance: Achieving Excellence in startup without a Dedicated QA", ...
"Quality Assurance: Achieving Excellence in startup without a Dedicated QA", ...
Fwdays27 views
TE Connectivity: Card Edge InterconnectsTE Connectivity: Card Edge Interconnects
TE Connectivity: Card Edge Interconnects
CXL Forum87 views
"Role of a CTO in software outsourcing company", Yuriy Nakonechnyy"Role of a CTO in software outsourcing company", Yuriy Nakonechnyy
"Role of a CTO in software outsourcing company", Yuriy Nakonechnyy
Fwdays31 views
Photowave Presentation Slides - 11.8.23.pptxPhotowave Presentation Slides - 11.8.23.pptx
Photowave Presentation Slides - 11.8.23.pptx
CXL Forum110 views
Liqid: Composable CXL PreviewLiqid: Composable CXL Preview
Liqid: Composable CXL Preview
CXL Forum114 views
MemVerge: Gismo (Global IO-free Shared Memory Objects)MemVerge: Gismo (Global IO-free Shared Memory Objects)
MemVerge: Gismo (Global IO-free Shared Memory Objects)
CXL Forum101 views
AMD: 4th Generation EPYC CXL DemoAMD: 4th Generation EPYC CXL Demo
AMD: 4th Generation EPYC CXL Demo
CXL Forum113 views
JCon Live 2023 - Lice coding some integration problemsJCon Live 2023 - Lice coding some integration problems
JCon Live 2023 - Lice coding some integration problems
Bernd Ruecker55 views
MemVerge: Past Present and Future of CXLMemVerge: Past Present and Future of CXL
MemVerge: Past Present and Future of CXL
CXL Forum98 views
Architecting multi-cloud ready applicationsArchitecting multi-cloud ready applications
Architecting multi-cloud ready applications
Swaminathan Vetri43 views
.conf Go 2023 - Raiffeisen Bank International.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank International
Splunk139 views
PyCon ID 2023 - Ridwan Fadjar Septian.pdfPyCon ID 2023 - Ridwan Fadjar Septian.pdf
PyCon ID 2023 - Ridwan Fadjar Septian.pdf
Ridwan Fadjar161 views
How to reduce cold starts for Java Serverless applications in AWS at JCON Wor...How to reduce cold starts for Java Serverless applications in AWS at JCON Wor...
How to reduce cold starts for Java Serverless applications in AWS at JCON Wor...
Vadym Kazulkin44 views
"AI Startup Growth from Idea to 1M ARR", Oleksandr Uspenskyi"AI Startup Growth from Idea to 1M ARR", Oleksandr Uspenskyi
"AI Startup Growth from Idea to 1M ARR", Oleksandr Uspenskyi
Fwdays20 views
ThroughputThroughput
Throughput
Moisés Armani Ramírez25 views
GigaIO: The March of Composability Onward to Memory with CXLGigaIO: The March of Composability Onward to Memory with CXL
GigaIO: The March of Composability Onward to Memory with CXL
CXL Forum114 views
Webinar : Competing for tomorrow’s leaders – How MENA insurers can win the wa...Webinar : Competing for tomorrow’s leaders – How MENA insurers can win the wa...
Webinar : Competing for tomorrow’s leaders – How MENA insurers can win the wa...
The Digital Insurer17 views
WEEK 1_ IT Network Engineering Class.pptxWEEK 1_ IT Network Engineering Class.pptx
WEEK 1_ IT Network Engineering Class.pptx
dclmict180 views
Spesifikasi Lengkap ASUS Vivobook Go 14Spesifikasi Lengkap ASUS Vivobook Go 14
Spesifikasi Lengkap ASUS Vivobook Go 14
Dot Semarang30 views
"Fast Start to Building on AWS", Igor Ivaniuk"Fast Start to Building on AWS", Igor Ivaniuk
"Fast Start to Building on AWS", Igor Ivaniuk
Fwdays25 views

Webhook Testing Strategy

  • 1. Beyond The Callback: Webhook Testing For Modern Applications By Dimpy Adhikary, Quality Analyst, Thoughtworks
  • 2. Agenda 01 - Introduction to Webhook Why/What/How 02 - Webhook Demo Simple webhook implementation 03 - Challenges in Webhook What can go wrong 04 - Webhook Testing Strategy How to test a webhook based application
  • 3. ECOMMERCE Inventory Management Use Cases MARKETING AUTOMATION Personalized Campaign HEALTHCARE SERVICES Patient Data Sharing FINANCIAL SERVICES Loan Application Process Why Webhook
  • 4. ECOMMERCE What is Webhook Source app Payload Destination App Event Webhook URL Webhook is a user specified HTTP callback that get triggered by some event to connect and share data between two applications.
  • 5. How Webhook Works Register For The Event In Source App Received Data And Taking Action In Source App Repeat The Process Waiting For The Event In Destination App Setting Up The Webhook (Callback URL) In Source App Event Is triggered In Source App
  • 6. ECOMMERCE Polling Vs Webhook Polling Webhooks Request origin Client Server Trigger Client-initiated Server-initiated Frequency Scheduled or continuous Event-driven Efficiency Less efficient More efficient Scalability Less scalable More scalable
  • 7. Weather Notification - Webhook Demo Prerequisite: - Python (pip install flask,requests) - Curl ● Users can subscribe to receive weather updates for specific cities. ● When the weather conditions match their preferences, a webhook is sent to the user's registered endpoint. Implementation: - sender.py - Send webhook notification - receiver.py - Listen for incoming weather notification. Simulation of the event: curl -X POST -H "Content-Type: application/json" -d '{"city": "city1", "weather": "sunny", "user_endpoints": {"city1": "http://localhost:3000/receive_weather_notification", "city2": "http://localhost:3000/receive_weather_notification"}}' http://localhost:5000/simulate_weather_update
  • 8. Challenges in Webhook Payload - Contract change - Missing data - Invalid data Configuration - IP white listing - Incorrect URL/payload format - Token expiry - Incorrect token/credentials - Wrong event association - Incorrect rate limiting Error Handling - Unhandled errors - No error retry mechanism - No error notification
  • 9. Challenges in Webhook Performance - Slow webhook processing - Timeout error - Resource exhaustion - Scalability issues Resilience - Availability - Idempotence - External dependencies - Async communication - Network failures Security - Unauthorized access - Data breaches - Replay attacks - DoS attacks Compliance - Data privacy regulations (GDPR) - Financial regulations (PCI) - Industry-specific regulations (HIPPA)
  • 10. Testing Strategy Functional Testing - Configuration - Error handling - Integration - User journey Reliability Testing - Simulating failures - Infra testing - Retry mechanism - Monitoring Performance Testing - Load/Stress/Volume testing Contract testing - Payload/schema - Consumer/provider driven Compliance Testing - Data compliance - PCI/PII Security Testing - OWASP top 10 - Attack simulation