public async void any_user_can_change_password() { //arrange var userService = new Mock <IUserService>(); userService.Setup(x => x.ChangePassword(ValidPasswordChangeModel.Email, ValidPasswordChangeModel.Token, ValidPasswordChangeModel.Password)) .Returns(Task.FromResult(true)); //act var sut = new UserControllerBuilder().WithUserService(userService.Object) .Build(); var result = await sut.PasswordChange(ValidPasswordChangeModel); //assert Assert.IsNotNull(result); Assert.IsAssignableFrom <RedirectResult>(result); userService.Verify(x => x.ChangePassword(ValidPasswordChangeModel.Email, ValidPasswordChangeModel.Token, ValidPasswordChangeModel.Password), Times.Once); sut.AssertPostAttributeWithOutAntiForgeryToken(ACTION_PASSWORD_CHANGE, new[] { typeof(PasswordChangeModel) }); sut.AssertAllowAnonymousAttribute(ACTION_PASSWORD_CHANGE, new[] { typeof(PasswordChangeModel) }); }