Cybersecurity, Mobile Integration Testing

Cybersecurity Mobile Integration Testing

Introduction

  • The purpose of this document is to help development teams associated with the University of Illinois fulfill their responsibility to comply with Illinois Cybersecurity standards as described at https://cam.illinois.edu/policies/fo-36/
  • Mobile Integration Testing provides an automated means to check iterations of an application for flow-breaking change
  • This article currently provides a overview of Mobile Integration Testing with RobotFramework for Android Applications  

Install Android Studio

Android Studio Phone Emulator

Setup Emulator

If the AVD Manager is already present in the Tools Menu, this section is not necessary.

  1. Start New Project
  2. Empty new project with no steps, and accept the default everything
  3. Go to Settings and search for "AVD" to help ensure it shows up in the proper menus
    1. Select it
    2. Accept the changes
  4. Go To Tools --> AVD Manager
  5. Create Virtual Device
  6. Phone type as Pixel 2 (or another if desired)
  7. Choose Pie API (or another if desired)
    1. Accept all the things
    2. Download it before proceeding
    3. Downloading and installing may take some time
    4. Click Finish
  8. Verify Config (Can rename to something meaningful like "name01")
  9. Finish the setup
  10. Now it is available!
  11. Push the Play Button in the Virtual Device Description if it is not already running
  12. Open the phone

Test an APK

Any local APK can be utilized for testing, such as the Calculator App on Android. 

It is also possible to test with a custom APK not available in the App Store. 

To test with a custom APK: 

  1. Procure the APK with which to test
  2. Start the Emulator Phone (directions to create are provided above in Setup Emulator)
  3. Drag and Drop the APK onto the phone
    1. Will install to the phone
    2. Windows Save location will be similar to C:\Users\username\.android\avd\name01.avd
  4. Open the Application just installed
    1. Left Click "Home" and "Swipe Up" to find it
    2. Click the Application
    3. Can add to home screen by dragging it there

Integration Testing with Robot Framework

Robot Framework Installation

*** Note: Install these items as Administrator to avoid future issues ***

Use Appium to Inspect APK Elements

C:\Users\username\AppData\Local\Android\Sdk\platform-tools>adb devices 
List of devices attached 
device-name   device
C:\Users\username\AppData\Local\Android\Sdk\platform-tools>adb shell 
generic_x86_arm:/ $ 
generic_x86_arm:/ $ dumpsys window windows | grep -E 'mCurrentFocus|mFocusedApp'  
    mCurrentFocus=Window{abc123 u0 com.android.calculator2/com.android.calculator2.Calculator}  
    mFocusedApp=AppWindowToken{def456 token=Token{ghi789 ActivityRecord{jkl012 u0 com.android.calculator2/.Calculator t16}}} 
generic_x86_arm:/ $
  • Use all of this info to help fill out this section in the Appium Search
{  
    "platformName": "Android",  
    "platformVersion": "9.0",  
    "deviceName": "device-name",  
    "automationName": "UiAutomator2",  
    "appPackage": "com.android.calculator2",  
    "appActivity": "com.android.calculator2.Calculator" 
}

Run a Robot File

After inspecting an App, a Robot file can be created.

Robot Files are named as filename.robot.

Robot Files are run as robot filename.robot.

This is a sample Robot File for the Calculator App (named testcalc.robot):

*** Settings *** 
Documentation  Test Cases for evaluation of a proper setup with 
...   RobotFramework, AppiumLibrary, and Emulated Android Phone 
...   
...   This will solve the equation 2+4 and present 6 as the answer 
...   
...   Various Click styles are presented for examples 
...   
...   A screenshot will be saved to the working directory before closing 

Library     AppiumLibrary   

*** Variables *** 
${LOCAL_APPIUM_SERVER}    http://localhost:4723/wd/hub 

*** Keywords *** 
Open the Application
    Open Application    ${LOCAL_APPIUM_SERVER}    platformName=android    platformVersion=9.0
        ...    deviceName=emulator-5554    automationName=uiautomator2
        ...    appPackage=com.android.calculator2    appActivity=com.android.calculator2.Calculator 

Enter the Equation
    Click Element    id=com.android.calculator2:id/digit_2
    Click Element    accessibility_id=plus
    Click Element    xpath=//android.widget.LinearLayout[@content-desc="Numbers and basic operations"]/android.view.ViewGroup[1]/android.widget.Button[4] 

Solve the Equation
    Click Element At Coordinates    600    1600  

Close the Application
    Capture Page Screenshot
    Close Application  

*** Test Cases *** 
Valid Open and Close the Calculator
    Open the Application
    Enter the Equation
    Solve the Equation
    Close the Application
 

This can be run using robot testcalc.robot. In the directory where this file is present, the following files will be created:

  • appium-screenshot-1.png
  • log.html
  • output.xml
  • report.html

Use a YAML File for Variables

Variables can be provided by an external file ( https://github.com/robotframework/robotframework/blob/master/doc/userguide/src/CreatingTestData/ResourceAndVariableFiles.rst ).

For example, a YAML file can be utilized to provide variables. Per the instructions at https://github.com/robotframework/robotframework/blob/master/doc/userguide/src/CreatingTestData/ResourceAndVariableFiles.rst#variable-file-as-yaml , installing PyYAML is necessary (instructions provided therein) for Robot to utilize the file correctly. 

This is an example YAML file with example variables called testvals.yaml :

variable01:    username 
variable02:    password

The Robot file will see/use the variables as:

YAML File Variable
Robot File Variable
variable01
VARIABLE01
variable02
VARIABLE02


This is an example Robot file segment using the YAML file to provide the variables:

*** Settings *** 
Documentation  This is a non-working script with example text 

Variables    testvals.yaml

*** Keywords *** 

Enter Credentials
    Input Text    accessibility_id=user    ${VARIABLE01}
    Input Password    accessibility_id=pswd    ${VARIABLE02}

By using an external file, it is easier to share the test code with less risk of compromising test account data, etc. 

More Resources




Keywordssecurity, developer, sdlc, cybersecurity, devops, secdevops   Doc ID106384
OwnerSecurity S.GroupUniversity of Illinois Technology Services
Created2020-10-05 14:27:41Updated2022-02-22 11:45:22
SitesUniversity of Illinois Technology Services
Feedback  1   0