fix: validate requested userId with SsoService user

KC api requests don't retrieve the KC-userId again, if that is already pulled. This might cause regression => userId mismatch for some users. So, now we also track nc-user, & before reusing already retrieve KC-userId, we now check is the user is valid or not.

Issue: https://gitlab.e.foundation/e/infra/backlog/-/issues/4053+s