Implement initial debian purl2meta implementation

Reference: #245
Signed-off-by: Ayan Sinha Mahapatra <ayansmahapatra@gmail.com>

Author: AyanSinhaMahapatra

minecode/utils.py

@@ -238,6 +238,44 @@ def get_http_response(uri, timeout=10):
     return response
 
 
+def get_package_sha1(package):
+    """
+    Return the sha1 value for `package` by checking if the sha1 file exists for
+    `package` on maven and returning the contents if it does.
+
+    If the sha1 is invalid, we download the package's JAR and calculate the sha1
+    from that.
+    """
+    download_url = package.repository_download_url
+    sha1_download_url = f'{download_url}.sha1'
+    response = requests.get(sha1_download_url)
+    if response.ok:
+        sha1_contents = response.text.strip().split()
+        sha1 = sha1_contents[0]
+        sha1 = validate_sha1(sha1)
+        if not sha1:
+            # Download JAR and calculate sha1 if we cannot get it from the repo
+            response = requests.get(download_url)
+            if response:
+                sha1_hash = hashlib.new('sha1', response.content)
+                sha1 = sha1_hash.hexdigest()
+        return sha1
+
+
+def validate_sha1(sha1):
+    """
+    Validate a `sha1` string.
+
+    Return `sha1` if it is valid, None otherwise.
+    """
+    if sha1 and len(sha1) != 40:
+        logger.warning(
+            f'Invalid SHA1 length ({len(sha1)}): "{sha1}": SHA1 ignored!'
+        )
+        sha1 = None
+    return sha1
+
+
 def system_temp_dir(temp_dir=os.getenv('MINECODE_TMP')):
     """
     Return the global temp directory..