Hello, is there a way I can handle extra LDAP attributes sent by the IDP client using picketlink's SP. I have searched the web and I cannot find anything pertaining to that
Sure, there is a way. You should configure SAML2AttributeHandler for your SP - see SAML2AttributeHandler. And then IDP-returned attributes will be available under the user's HttpSession at SP.