UserSAMLIdentifier is retrieved using get_or_create() first, and if is new
we proceed with the creation of the new user, otherwise we delete the temporaru
user we created use the one attached to the existing UserSAMLIdentifier.
Assiging related m2m fields provokes a bulk insert which is not safe with
respect to concurrent writes, we replace this by use of get_or_create() and
delete() on the through model of the User.groups field.