Handle session retrieval issue for sub org users

[SujanSanjula96]

Proposed changes in this pull request

This PR is introduced to handle session retrieval issues for sub org users. Currently only the session created in sub org is shown when getting the session list of sub org list. Ideally session created in primary org should be listed and sub org session should not be listed.

When implementing the fix, following cases are considered.

1. Root org normal apps - In this case, session is created for the root org and it should be considered as an effective session since the session retrieval request is also coming from the same root org.
2. B2B applications - In this case, sessions are created in both root org and B2B org and root org session should be considered as the effective session even though session retrieval request comes from sub org.
3. SaaS applications - In this case, if a user logs into a SaaS app in different tenant, session is created in that tenant. But session retrieval request comes from user resident tenant. But we should return this session as an effective session.
4. Same userstore plugged in different tenants - In this case, same user ID can have different sessions in different tenants. Session retrieval requests can come from different tenants. Here, the sessions belong to the tenant related to session retrieval request should be considered as effective sessions.

Before the fix [1], the behaviour was,

• 1 & 3 cases working as expected.
• Both sessions were listed in case 2.
• All the sessions in different tenants were shown in case 4.

After the fix [1] which is done to address the case 4,

• 1 & 4 cases were handled correctly.
• Only sub org session is shown in case 2.
• Only the sessions related to session request tenant domain are shown in case 3.

With this fix, we handled the above four cases to have expected behaviour.

[1] - #5693

Related Issue - wso2/product-is#22310

[codecov]

Codecov Report

Attention: Patch coverage is 0% with 51 lines in your changes missing coverage. Please review.

Project coverage is 45.94%. Comparing base (cd47f74) to head (f324397).
Report is 36 commits behind head on master.

Files with missing lines	Patch %	Lines
...nternal/impl/UserSessionManagementServiceImpl.java	0.00%	51 Missing ⚠️

❌ Your patch check has failed because the patch coverage (0.00%) is below the target coverage (80.00%). You can increase the patch coverage or adjust the target coverage.

Additional details and impacted files

@@             Coverage Diff              @@
##             master    #6506      +/-   ##
============================================
- Coverage     45.96%   45.94%   -0.02%     
- Complexity    14867    14870       +3     
============================================
  Files          1737     1737              
  Lines        107351   107400      +49     
  Branches      19876    19890      +14     
============================================
+ Hits          49343    49346       +3     
- Misses        50977    51026      +49     
+ Partials       7031     7028       -3     

Flag	Coverage Δ
unit	30.49% <0.00%> (-0.01%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[sonarqubecloud]

Quality Gate passed

Issues
3 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[jenkins-is-staging]

PR builder started
Link: https://github.com/wso2/product-is/actions/runs/13347639877

[jenkins-is-staging]

PR builder completed
Link: https://github.com/wso2/product-is/actions/runs/13347639877
Status: failure