Panic when calling oauth2/auth/sessions/consent/{user} or oauth2/auth/sessions/consent/{user}/{client}

[robotlovesyou]

Do you want to request a feature or report a bug?
Bug

What is the current behavior?
A panic when calling http://localhost:4444/oauth2/auth/sessions/consent/{user} or http://localhost:4444/oauth2/auth/sessions/consent/{user}/{client}

If the current behavior is a bug, please provide the steps to reproduce and if possible a minimal demo of the problem.

Follow the '5 minute tutorial' to create the auth-code-client and follow the auth code grant flow until the token is displayed by the browser.

Then

curl -X "DELETE" "http://localhost:4444/oauth2/auth/sessions/consent/foo@bar.com"

or

curl -X "DELETE" "http://localhost:4444/oauth2/auth/sessions/consent/foo@bar.com/auth-code-client"

The request will cause a non HTTP error to return. When you observe the docker-compose log you will see the trace from the panic

What is the expected behavior?

That the user's consent is deleted and their tokens are revoked

Which version of the software is affected?
v1.0.0-beta.6

I've done a little digging and the panic is because the store property of the sql manager is nil

[robotlovesyou]

The root cause of this is that in registerRoutes in cmd/server/handler.go the injectConsentManager is called before the store is created by injectFositeStore. Changing the code so that those functions are called the other way around fixes the issue and the tests still pass. I would submit a patch but I don't have time to work out how to write a meaningful test right now. Sorry!