Add extension interface for resolving idrefs

[bworrell]

This is related to #98

At the moment, users have to manually dereference idrefs that they encounter. We brief this in our "Python Walkthrough", suggesting that users build up dictionaries and then use the dictionary to look up an id when they hit an idref.

Example:

ALL_TTPS = {}
for ttp in package.ttps:
    all_ttps[ttp.id_] = ttp  # build dictionary

# ...
# do some work and get an indicator
# ...

for indicated_ttp in indicator.indicated_ttps:
   ttp_id = indicated_ttp.item.idref
   ttp = ALL_TTPS[ttp_id]  # dereference indicated ttp idref

It would be nice to not require users to dereference that data themselves, and instead do it for them. This would normalize access of related items so items with an idref and fully defined items are accessed in the same way.

for indicated_ttp in indicator.indicated_ttps:
   ttp = indicated_ttp.item  # lookup of idref done behind the scenes
                             # no need to build a dictionary!

It was suggested that we could also provide an extension interface that allowed users to develop their own "idref lookup" code that would query their own backend storage. This means that if our lookup failed (as idrefs aren't required to resolve locally), their lookup method would be invoked and attempt to resolve the idref.

Example (none of this code actually works)

def parse_item(item):
    # do something to return a python-stix item

def my_resolver(id, connection_params):
   db = connection_manager.connection(connection_params)
   stix = db.stix
   item = stix.find_one({'id_': id})
   py_item = parse_item(item)

   return py_item

# now for the extension hook
stix.utils.idresolvers.add_resolver(my_resolver)

Thanks to @treyka for this idea! (hopefully I'm recording it accurately)

[gtback]

I did something related in python-cybox. I'm not sure how/if it could be leveraged here:

https://github.com/CybOXProject/python-cybox/blob/master/cybox/utils/caches.py