Inject the UK federation trust roots in the aggregator version of the…

… UK federation collect flow.

mdx/uk/trust_roots.xsl

@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+	trust_roots.xsl
+	
+	XSL stylesheet that adds the UK federation's trust roots in to an
+	EntitiesDescriptor aggregate.
+	
+-->
+<xsl:stylesheet version="1.0"
+    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
+
+	xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+    xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
+	exclude-result-prefixes="md">
+
+	<!--Force UTF-8 encoding for the output.-->
+	<xsl:output omit-xml-declaration="no" method="xml" encoding="UTF-8" indent="yes"/>
+
+    <!--
+        The key authorities document is passed in as a parmeter.  This is an EntitiesDescriptor
+        with the KeyAuthority list as a child Extensions element.
+    -->
+    <xsl:param name="trustRootsDocument"/>
+
+	<!--
+		Inject the key authorities into the document EntitiesDescriptor element.
+	-->
+	<xsl:template match="/md:EntitiesDescriptor">
+		<xsl:copy>
+			<xsl:text>&#10;</xsl:text>
+			<xsl:apply-templates select="$trustRootsDocument//md:Extensions"/>
+			<xsl:text>&#10;</xsl:text>
+			<xsl:apply-templates/>
+		</xsl:copy>
+	</xsl:template>
+
+
+	<!--
+        *********************************************
+        ***                                       ***
+        ***   D E F A U L T   T E M P L A T E S   ***
+        ***                                       ***
+        *********************************************
+    -->
+
+
+	<!--By default, copy text blocks, comments and attributes unchanged.-->
+	<xsl:template match="text()|comment()|@*">
+		<xsl:copy/>
+	</xsl:template>
+
+	<!--By default, copy all elements from the input to the output, along with their attributes and contents.-->
+	<xsl:template match="*">
+		<xsl:copy>
+			<xsl:apply-templates select="node()|@*"/>
+		</xsl:copy>
+	</xsl:template>
+
+</xsl:stylesheet>

mdx/uk/uk-beans.xml

@@ -41,4 +41,39 @@
         </constructor-arg>
     </bean>
 
+    <!--
+        ukTrustRootsDocument
+        
+        This bean contains the contents of the master.xml file as a DOM Document.
+    -->
+    <bean id="ukTrustRootsDocument" class="net.shibboleth.ext.spring.factory.DomDocumentFactoryBean"
+        lazy-init="true">
+        <property name="parserPool" ref="parserPool"/>
+        <property name="documentResource">
+            <bean class="org.opensaml.util.resource.FilesystemResource">
+                <constructor-arg value="#{ systemProperties['basedir'] }/xml/master.xml"/>
+            </bean>
+        </property>
+    </bean>    
+
+    <!--
+        addUKTrustRoots
+        
+        This stage adds the UK federation trust roots to an EntitiesDescriptor.
+    -->
+    <bean id="addUKTrustRoots" class="net.shibboleth.metadata.dom.XSLTransformationStage"
+        init-method="initialize" lazy-init="true">
+        <property name="id" value="addUKTrustRoots"/>
+        <property name="xslResource">
+            <bean class="org.opensaml.util.resource.FilesystemResource">
+                <constructor-arg value="#{ systemProperties['basedir'] }/mdx/uk/trust_roots.xsl"/>
+            </bean>
+        </property>
+        <property name="transformParameters">
+            <map>
+                <entry key="trustRootsDocument" value-ref="ukTrustRootsDocument"/>
+            </map>
+        </property>
+    </bean>
+
 </beans>

mdx/uk/uk-collect.xml

@@ -111,6 +111,11 @@
                 -->
                 <ref bean="processScopes"/>
 
+                <!--
+                    Add the federation trust roots.
+                -->
+                <ref bean="addUKTrustRoots"/>
+
                 <!--
                     It's much faster to run this check on the EntitiesDescriptor because it
                     loads up a copy of members.xml every time it is used.  This should be