Current Behavior

Given
An authenticator with a sub-flow that has at least 2 authenticationExecutions of same type (not flows but real authenticators).

When
Importing this file
realm-authenticators-failure.json

Then
An exception occurs
Caused by: de.adorsys.keycloak.config.exception.ImportProcessingException: Unexpected size of execution identity-provider-redirector in flow Sub-Flow found. at de.adorsys.keycloak.config.service.ExecutionFlowsImportService.configureExecutionFlow(ExecutionFlowsImportService.java:197) at de.adorsys.keycloak.config.service.ExecutionFlowsImportService.createExecutionAndExecutionFlowsForSubFlows(ExecutionFlowsImportService.java:245) at de.adorsys.keycloak.config.service.ExecutionFlowsImportService.createAndConfigureExecutionFlow(ExecutionFlowsImportService.java:107) at de.adorsys.keycloak.config.service.ExecutionFlowsImportService.createExecutionOrExecutionFlow(ExecutionFlowsImportService.java:90) at de.adorsys.keycloak.config.service.ExecutionFlowsImportService.createExecutionsAndExecutionFlows(ExecutionFlowsImportService.java:69) at de.adorsys.keycloak.config.service.AuthenticationFlowsImportService.createTopLevelFlow(AuthenticationFlowsImportService.java:154) at de.adorsys.keycloak.config.service.AuthenticationFlowsImportService.createOrUpdateTopLevelFlow(AuthenticationFlowsImportService.java:143) at de.adorsys.keycloak.config.service.AuthenticationFlowsImportService.createOrUpdateTopLevelFlows(AuthenticationFlowsImportService.java:123) at de.adorsys.keycloak.config.service.AuthenticationFlowsImportService.doImport(AuthenticationFlowsImportService.java:95) at de.adorsys.keycloak.config.service.RealmImportService.configureRealm(RealmImportService.java:207) at de.adorsys.keycloak.config.service.RealmImportService.updateRealm(RealmImportService.java:192) at de.adorsys.keycloak.config.service.RealmImportService.updateRealmIfNecessary(RealmImportService.java:150) at de.adorsys.keycloak.config.service.RealmImportService.doImport(RealmImportService.java:141) at de.adorsys.keycloak.config.KeycloakConfigRunner.run(KeycloakConfigRunner.java:79) at org.springframework.boot.SpringApplication.callRunner(SpringApplication.java:768) ... 13 common frames omitted

Expected Behavior

Should import the authenticator definition successfully, filtering non-flow authenticationExecutions by authenticator and authenticatorConfig values.

Steps To Reproduce

Import file
[realm-authenticators-failure.json](https://github.com/adorsys/keycloak-config-cli/files/13871675/realm-authenticators-failure.json)


Of course this minimal example doesn't make sense in production but shows the problem.

Environment

• Keycloak Version: 23.0.1
• keycloak-config-cli Version: 23.0.1
• Java Version: 17

Anything else?

Guess
My guess is that there's no real "alias" for an authenticator. But one could argue that you could fall back to "authenticatorConfig" value (which is presented as "Alias" in UI) to distinguish them.

Side note
The exception doesn't occur when having multiple authenticationExecutions of same type on top level. Then everything just works as expected.

Workaround
Create Sub-SubFlows where each SubFlow only contains authenticationExecutions of distinct types.