diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
index 9d77a90c5416b..e5d2717251970 100644
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@@ -15,6 +15,7 @@
 use OC\Authentication\TwoFactorAuth\Manager as TwoFactorAuthManager;
 use OC\Hooks\Emitter;
 use OC\Hooks\PublicEmitter;
+use OC\Security\CSRF\CsrfTokenManager;
 use OC_User;
 use OC_Util;
 use OCA\DAV\Connector\Sabre\Auth;
@@ -531,7 +532,7 @@ protected function prepareUserLogin($firstTimeLogin, $refreshCsrfToken = true) {
 		if ($refreshCsrfToken) {
 			// TODO: mock/inject/use non-static
 			// Refresh the token
-			\OC::$server->getCsrfTokenManager()->refreshToken();
+			\OC::$server->get(CsrfTokenManager::class)->refreshToken();
 		}
 
 		if ($firstTimeLogin) {
diff --git a/lib/public/Util.php b/lib/public/Util.php
index 179d4066c9b9b..4cee9addf100a 100644
--- a/lib/public/Util.php
+++ b/lib/public/Util.php
@@ -13,6 +13,7 @@
 use bantu\IniGetWrapper\IniGetWrapper;
 use OC\AppScriptDependency;
 use OC\AppScriptSort;
+use OC\Security\CSRF\CsrfTokenManager;
 use OCP\L10N\IFactory;
 use OCP\Mail\IMailer;
 use OCP\Share\IManager;
@@ -394,7 +395,7 @@ public static function emitHook($signalclass, $signalname, $params = []) {
 	 */
 	public static function callRegister() {
 		if (self::$token === '') {
-			self::$token = \OC::$server->getCsrfTokenManager()->getToken()->getEncryptedValue();
+			self::$token = \OC::$server->get(CsrfTokenManager::class)->getToken()->getEncryptedValue();
 		}
 		return self::$token;
 	}