Support a user specific RAG augmentation

[sberyozkin]

Consider how Quarkus Authentication and LLM API Keys will work together.

I'm assuming, if I start a demo with an API key, in prod, it will be more like a company's API key. Depending on the nature of the service, it may be enough, for example, if it is a chat bot offered by a bank, then anyone (or any authenticated user, possibly with a specific role) can talk to it.

I'm not quite sure how the trust boundaries will form if there is a requirement to offer a user specific AI support in prod, for example, alice or bob, they may have their own augmentation documents not to be shared with anyone else.

I think #41 is very relevant, as well as #79, and #81. For example, a user logs in and possibly approves an LLM scope (#81), then a specific method with a RAG option (#41) requires a specific identity (and possibly role #79) for a user specific document only be fed into the LLM.

I guess, a custom RAG store can be a database, where the key is the user name and documents - the values. The rag store would support a request scope injection and have @Inject SecurityIdentity identity; and use the identity name to fetch the docs specific to this user identity only. I can give demoing it a try, may be as part of #81

[sberyozkin]

For example, https://github.com/quarkiverse/quarkus-langchain4j/blob/main/samples/chatbot/src/main/java/io/quarkiverse/langchain4j/sample/chatbot/IngestorExample.java, but I'm not sure how a user specific ingestion will work, for example the Redis store has add methods taking an id but I'm not sure how to tell LangChain that it is only a specific document that it can use to feed into LLM to satisfy the current request question.

Something to be discussed I guess going forward