public void should_logout_user() { var authenticationService = Substitute.For<IAuthenticationService<Token>>(); var secureSession = new SecureSession<Token>(authenticationService, new MemoryTokenStore<Token>()); authenticationService.Authenticate(Arg.Any<string>(), Arg.Any<string>()). ReturnsForAnyArgs(new Token(Guid.Empty, null, false)); secureSession.Login("username", "password"); secureSession.Logout(); secureSession.IsLoggedIn().ShouldBeFalse(); secureSession.GetCurrentToken().ShouldBeNull(); }