# Chapter 4 - Automated Testing

## Common Status Codes


| Status code | Role |
|-------------|------|
| 200 OK | Indicates the request has succeeded. It usually includes data related to the resource in the response body. |
| 201 CREATED | Indicates the request has succeeded and the system created a resource. It should also include a Location HTTP header pointing to the  |newly created resource and can include the new entity in the response body.
| 202 ACCEPTED | Indicates the request has been accepted for processing but has not been processed yet. We use this code for asynchronous operations. |Inan event-driven system (see Chapter 17, Getting Started with Vertical SliceArchitecture), this could mean that an event has been published, the  current resource has completed its job (published the event), but to know more, the client needs to contact another resource, wait for a notification, just wait, or can’t know.
| 204 NO CONTENT | Indicates the request has succeeded with no content in the response body. |
| 302 FOUND | Indicates that the requested resource resides temporarily under a different URL specified in the Location header. We commonly use this status code for redirection. |
| 400 BAD REQUEST | Indicates that the server could not understand or process the request. This usually relates to a validation error like a bad input or a missing field.
| 401 UNAUTHORIZED | Indicates that the request requires user authentication to access the resource. |
| 403 FORBIDDEN | Indicates that the server understood the request but refused to authorize it. This usually means the client lacks access rights  |forthe resource (authorization).
| 404 NOT FOUND | Indicates the resource does not exist or was not found. REST APIs often return this from valid endpoints. |
| 409 CONFLICT | Indicates that the server cannot complete the request due to a conflict with the current state of the resource. A typical scenario  |would be that the entity has changed between its read operation (GET) and the current update (PUT) operation.
| 500 INTERNAL SERVER ERROR | Indicates that an unhandled error occurred on the server side and prevented it from fulfilling the request |

## Headers

- Use `Location` to communicate the resource url of new entities, status of async processes, or redirection
- 

## Versioning

- What if not version is supplied, First version, latest, or return error
- Use the uri to indicate version (Most common)
- Could use headers to specify version i.e. `Accept-version`

## Data Transfer Object (DTO)

- Used to control an API's inputs and outputs
- loosley couple our domain model from data exposed via API, can change model without chaning API contract
- Can be used to package related data together in a single call




In [46]:
flowchart RL
    subgraph C["Client"]
        
    end
    subgraph E["REST API Endpoint"]
        InputDTO
        OutputDTO
    end
    subgraph D["Domain"]
       Model
    end
    C-->E
    E-->C
    E-->D
    D-->E

## OpenAPI Specs / Docs

- Can use the SwaggerGen package to generate OpenAPI spec docs automatically based on teh code.

```bash
 dotnet add package Swashbuckle.AspNetCore.SwaggerGen
 ```

 ```csharp
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();
var app = builder.Build();
app.UseSwagger();
// Omitted endpoints
app.Run();
```