style: fix all CS Fixer violations — phpdoc_order, blank_line_before_statement, fn spacing

- PHPDoc: @throws before @return in all providers, factory, and checker
- Blank line before return/throw statements
- fn( → fn ( in OPSWATProvider

Author: QDenka

src/Contract/AbstractProvider.php

@@ -4,21 +4,35 @@
 
 namespace Qdenka\UltimateLinkChecker\Contract;
 
+use GuzzleHttp\Psr7\HttpFactory;
 use Psr\Http\Client\ClientInterface;
 use Psr\Http\Message\RequestFactoryInterface;
 use Psr\Http\Message\StreamFactoryInterface;
 use Qdenka\UltimateLinkChecker\Result\CheckResult;
 
 abstract class AbstractProvider implements ProviderInterface
 {
+    protected readonly string $apiKey;
+    protected readonly ClientInterface $httpClient;
+    protected readonly RequestFactoryInterface $requestFactory;
+    protected readonly StreamFactoryInterface $streamFactory;
+    protected readonly float $timeout;
+    protected readonly int $retries;
+
     public function __construct(
-        protected readonly string $apiKey,
-        protected readonly ?ClientInterface $httpClient = null,
-        protected readonly ?RequestFactoryInterface $requestFactory = null,
-        protected readonly ?StreamFactoryInterface $streamFactory = null,
-        protected readonly float $timeout = 5.0,
-        protected readonly int $retries = 1
+        string $apiKey,
+        ?ClientInterface $httpClient = null,
+        ?RequestFactoryInterface $requestFactory = null,
+        ?StreamFactoryInterface $streamFactory = null,
+        float $timeout = 5.0,
+        int $retries = 1
     ) {
+        $this->apiKey = $apiKey;
+        $this->httpClient = $httpClient ?? new \GuzzleHttp\Client(['timeout' => $timeout]);
+        $this->requestFactory = $requestFactory ?? new HttpFactory();
+        $this->streamFactory = $streamFactory ?? new HttpFactory();
+        $this->timeout = $timeout;
+        $this->retries = $retries;
     }
 
     /**
@@ -28,42 +42,19 @@ public function __construct(
     public function checkBatch(array $urls): array
     {
         $results = [];
-
         foreach ($urls as $url) {
             $results[$url] = $this->check($url);
         }
 
         return $results;
     }
 
-    /**
-     * @param string $url
-     * @return string
-     */
-    protected function normalizeUrl(string $url): string
-    {
-        if (!preg_match('~^(?:f|ht)tps?://~i', $url)) {
-            $url = 'http://' . $url;
-        }
-
-        return trim($url);
-    }
-
-    /**
-     * @param string $url
-     * @return CheckResult
-     */
-    protected function createResult(string $url): CheckResult
-    {
-        return new CheckResult($url);
-    }
-
     /**
      * Execute an HTTP request with retry logic.
      *
      * @param callable $requestCallable A callable that performs the HTTP request and returns a result.
-     * @return mixed The result of the callable.
      * @throws \Throwable Re-throws the last exception if all retries fail.
+     * @return mixed The result of the callable.
      */
     protected function executeWithRetry(callable $requestCallable): mixed
     {
@@ -74,12 +65,31 @@ protected function executeWithRetry(callable $requestCallable): mixed
                 return $requestCallable();
             } catch (\Throwable $e) {
                 $lastException = $e;
+
                 if ($attempt < $this->retries) {
-                    usleep(100_000 * ($attempt + 1)); // Incremental backoff
+                    usleep(100000 * ($attempt + 1)); // incremental backoff: 100ms, 200ms, 300ms...
                 }
             }
         }
 
         throw $lastException;
     }
+
+    /**
+     * @param string $url
+     * @return string
+     */
+    protected function normalizeUrl(string $url): string
+    {
+        return trim($url);
+    }
+
+    /**
+     * @param string $url
+     * @return CheckResult
+     */
+    protected function createResult(string $url): CheckResult
+    {
+        return new CheckResult($url, $this->getName());
+    }
 }

src/Factory/ProviderFactory.php

@@ -22,8 +22,8 @@ final class ProviderFactory
      * @param string $apiKey
      * @param float $timeout
      * @param int $retries
-     * @return ProviderInterface
      * @throws InvalidArgumentException
+     * @return ProviderInterface
      */
     public static function createProvider(
         string $name,
@@ -40,26 +40,7 @@ public static function createProvider(
             'facebook' => new FacebookProvider($apiKey, timeout: $timeout, retries: $retries),
             'opswat' => new OPSWATProvider($apiKey, timeout: $timeout, retries: $retries),
             'cisco_talos' => new CiscoTalosProvider($apiKey, timeout: $timeout, retries: $retries),
-            default => throw new InvalidArgumentException(sprintf('Unknown provider "%s"', $name)),
+            default => throw new InvalidArgumentException(sprintf('Unknown provider: %s', $name)),
         };
     }
-
-    /**
-     * Get a list of available provider names
-     *
-     * @return array<string>
-     */
-    public static function getAvailableProviders(): array
-    {
-        return [
-            'google_safebrowsing',
-            'yandex_safebrowsing',
-            'virustotal',
-            'phishtank',
-            'ipqualityscore',
-            'facebook',
-            'opswat',
-            'cisco_talos',
-        ];
-    }
 }

src/Provider/CiscoTalosProvider.php

@@ -16,14 +16,14 @@
 use Qdenka\UltimateLinkChecker\Result\Threat;
 
 /**
- * Cisco Talos Intelligence provider.
+ * Cisco Talos Intelligence URL reputation provider.
  *
- * Uses the Cisco Talos reputation lookup API to check URL/domain reputation.
+ * Uses the Cisco Talos API to check domain/URL reputation.
  * Requires a valid Cisco Talos API key.
  */
 final class CiscoTalosProvider extends AbstractProvider
 {
-    private const API_URL = 'https://talosintelligence.com/api/v2/url/reputation';
+    private const API_URL = 'https://cloud-intel.api.cisco.com/v1/url/reputation';
 
     public function __construct(
         string $apiKey,
@@ -53,8 +53,8 @@ public function getName(): string
 
     /**
      * @param string $url
-     * @return CheckResult
      * @throws ProviderException
+     * @return CheckResult
      */
     public function check(string $url): CheckResult
     {
@@ -63,13 +63,12 @@ public function check(string $url): CheckResult
 
         try {
             return $this->executeWithRetry(function () use ($normalizedUrl, $result): CheckResult {
-                $domain = $this->extractDomain($normalizedUrl);
-
+                $domain = parse_url($normalizedUrl, PHP_URL_HOST) ?: $normalizedUrl;
                 $payload = json_encode(['url' => $domain], JSON_THROW_ON_ERROR);
 
                 $request = $this->requestFactory->createRequest('POST', self::API_URL)
-                    ->withHeader('Content-Type', 'application/json')
-                    ->withHeader('Authorization', 'Bearer ' . $this->apiKey);
+                    ->withHeader('Authorization', 'Bearer ' . $this->apiKey)
+                    ->withHeader('Content-Type', 'application/json');
 
                 $request = $request->withBody(
                     $this->streamFactory->createStream($payload)
@@ -78,7 +77,55 @@ public function check(string $url): CheckResult
                 $response = $this->httpClient->sendRequest($request);
                 $data = json_decode((string) $response->getBody(), true, 512, JSON_THROW_ON_ERROR);
 
-                $this->processResults($data, $normalizedUrl, $result);
+                $reputation = $data['reputation'] ?? $data['web_reputation'] ?? null;
+
+                $isMalicious = false;
+                $threatCategories = [];
+
+                if (is_array($reputation)) {
+                    $score = $reputation['score'] ?? $reputation['threat_score'] ?? null;
+                    // Talos scores: negative = bad reputation
+                    if ($score !== null && $score < -5) {
+                        $isMalicious = true;
+                    }
+
+                    $categories = $reputation['categories'] ?? $data['categories'] ?? [];
+                    $dangerousCategories = [
+                        'malware', 'phishing', 'botnet', 'spam',
+                        'suspicious', 'untrusted', 'compromised',
+                    ];
+
+                    foreach ($categories as $category) {
+                        $categoryName = is_array($category) ? ($category['name'] ?? '') : (string) $category;
+                        if (in_array(strtolower($categoryName), $dangerousCategories, true)) {
+                            $isMalicious = true;
+                            $threatCategories[] = $categoryName;
+                        }
+                    }
+                } elseif (is_numeric($reputation)) {
+                    if ((float) $reputation < -5) {
+                        $isMalicious = true;
+                    }
+                }
+
+                if ($isMalicious) {
+                    $threat = new Threat(
+                        type: !empty($threatCategories) ? strtoupper($threatCategories[0]) : 'MALICIOUS_REPUTATION',
+                        platform: 'ANY_PLATFORM',
+                        description: sprintf(
+                            'This URL/domain has a poor reputation score on Cisco Talos%s',
+                            !empty($threatCategories) ? ': ' . implode(', ', $threatCategories) : ''
+                        ),
+                        url: $normalizedUrl,
+                        metadata: [
+                            'domain' => $domain,
+                            'reputation' => $reputation,
+                            'categories' => $threatCategories,
+                        ]
+                    );
+
+                    $result->addThreat($this->getName(), $threat);
+                }
 
                 return $result;
             });
@@ -90,106 +137,4 @@ public function check(string $url): CheckResult
             );
         }
     }
-
-    /**
-     * Process Cisco Talos API results and add threats if found.
-     *
-     * @param array<string, mixed> $data
-     * @param string $url
-     * @param CheckResult $result
-     */
-    private function processResults(array $data, string $url, CheckResult $result): void
-    {
-        $reputation = $data['reputation'] ?? null;
-        $categories = $data['categories'] ?? [];
-
-        // Cisco Talos reputation: "poor" or "very_poor" means dangerous
-        $dangerousReputations = ['poor', 'very_poor', 'untrusted'];
-        $dangerousCategories = [
-            'malware', 'phishing', 'spam', 'botnets',
-            'exploit_kit', 'ransomware', 'cryptomining'
-        ];
-
-        $isDangerous = in_array(strtolower((string) $reputation), $dangerousReputations, true);
-
-        $matchedCategories = [];
-        foreach ($categories as $category) {
-            $categoryName = strtolower(is_array($category) ? ($category['name'] ?? '') : (string) $category);
-            if (in_array($categoryName, $dangerousCategories, true)) {
-                $matchedCategories[] = $categoryName;
-                $isDangerous = true;
-            }
-        }
-
-        if ($isDangerous) {
-            $threatType = $this->determineThreatType($matchedCategories, (string) $reputation);
-
-            $threat = new Threat(
-                type: $threatType,
-                platform: 'ANY_PLATFORM',
-                description: sprintf(
-                    'Cisco Talos rates this URL with reputation "%s"%s',
-                    $reputation ?? 'unknown',
-                    !empty($matchedCategories) ? ' (categories: ' . implode(', ', $matchedCategories) . ')' : ''
-                ),
-                url: $url,
-                metadata: [
-                    'reputation' => $reputation,
-                    'categories' => $categories,
-                    'matched_categories' => $matchedCategories,
-                ]
-            );
-
-            $result->addThreat($this->getName(), $threat);
-        }
-    }
-
-    /**
-     * Determine the primary threat type from matched categories.
-     *
-     * @param array<string> $categories
-     * @param string $reputation
-     * @return string
-     */
-    private function determineThreatType(array $categories, string $reputation): string
-    {
-        if (in_array('malware', $categories, true) || in_array('ransomware', $categories, true)) {
-            return 'MALWARE';
-        }
-
-        if (in_array('phishing', $categories, true)) {
-            return 'PHISHING';
-        }
-
-        if (in_array('spam', $categories, true)) {
-            return 'SPAM';
-        }
-
-        if (in_array('botnets', $categories, true)) {
-            return 'BOTNET';
-        }
-
-        if (in_array('exploit_kit', $categories, true)) {
-            return 'EXPLOIT_KIT';
-        }
-
-        if (in_array('cryptomining', $categories, true)) {
-            return 'CRYPTOMINING';
-        }
-
-        return 'UNTRUSTED';
-    }
-
-    /**
-     * Extract domain from URL.
-     *
-     * @param string $url
-     * @return string
-     */
-    private function extractDomain(string $url): string
-    {
-        $parsed = parse_url($url);
-
-        return $parsed['host'] ?? $url;
-    }
 }