eosc-kc / keycloak

Open Source Identity and Access Management For Modern Applications and Services
https://www.keycloak.org
Apache License 2.0

Support aggregation of multi-valued attributes from multiple linked identities #142

Open NicolasLiampotis opened 2 years ago

NicolasLiampotis commented 2 years ago

Aggregate attributes for a user with more than one linked IdP. We need in some way to know the attribute's IdP origination, so that an IdP renews only its own attributes. Find a way (JSON saved in the database, linked table) for the implementation.

cgeorgilakis commented 2 years ago

I examined their code, and the bigger problem is that the JPA implementation and the map implementation are different. For JPA it is enough if we add to the table UserAttributeEntity (name, value) an extra column, alias, for keeping the Identity Provider alias. Only when updating an attribute from the aggregate mapper could we take this field into account. For map they have Map<String, List<String>> attributes. I believe the best solution is to make it Map<String, List<AttributeValue>>, where AttributeValue will have String value, String alias. Aggregate mapper will take into account alias only value. All other mappers will put only value. For getting the value for clients we could do something like attribute.stream().map(AttributeValue::value).

We will use a separate extra method in UserModel for updating aggregate attributes, with the alias as an extra parameter.

Moreover, I have the following questions that must be taken into account in the PR: