diff --git a/lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php b/lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php
index 115a8235983..658a120320e 100644
--- a/lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php
+++ b/lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php
@@ -18,7 +18,6 @@ use OCP\Authentication\TwoFactorAuth\ALoginSetupController;
 use OCP\ISession;
 use OCP\IUserSession;
 use Psr\Log\LoggerInterface;
-use ReflectionMethod;
 
 // Will close the session if the user session is ephemeral.
 // Happens when the user logs in via the login flow v2.
@@ -61,12 +60,7 @@ class FlowV2EphemeralSessionsMiddleware extends Middleware {
 			return;
 		}
 
-		$reflectionMethod = new ReflectionMethod($controller, $methodName);
-		if (!empty($reflectionMethod->getAttributes(PublicPage::class))) {
-			return;
-		}
-
-		if ($this->reflector->hasAnnotation('PublicPage')) {
+		if ($this->reflector->hasAnnotationOrAttribute('PublicPage', PublicPage::class)) {
 			return;
 		}
 
diff --git a/lib/private/AppFramework/Middleware/Security/PasswordConfirmationMiddleware.php b/lib/private/AppFramework/Middleware/Security/PasswordConfirmationMiddleware.php
index 0facbffe504..718dabb2c70 100644
--- a/lib/private/AppFramework/Middleware/Security/PasswordConfirmationMiddleware.php
+++ b/lib/private/AppFramework/Middleware/Security/PasswordConfirmationMiddleware.php
@@ -45,9 +45,7 @@ class PasswordConfirmationMiddleware extends Middleware {
 	 * @throws NotConfirmedException
 	 */
 	public function beforeController(Controller $controller, string $methodName) {
-		$reflectionMethod = new ReflectionMethod($controller, $methodName);
-
-		if (!$this->needsPasswordConfirmation($reflectionMethod)) {
+		if (!$this->needsPasswordConfirmation()) {
 			return;
 		}
 
@@ -78,6 +76,7 @@ class PasswordConfirmationMiddleware extends Middleware {
 			return;
 		}
 
+		$reflectionMethod = new ReflectionMethod($controller, $methodName);
 		if ($this->isPasswordConfirmationStrict($reflectionMethod)) {
 			$authHeader = $this->request->getHeader('Authorization');
 			if (!str_starts_with(strtolower($authHeader), 'basic ')) {
@@ -100,18 +99,8 @@ class PasswordConfirmationMiddleware extends Middleware {
 		}
 	}
 
-	private function needsPasswordConfirmation(ReflectionMethod $reflectionMethod): bool {
-		$attributes = $reflectionMethod->getAttributes(PasswordConfirmationRequired::class);
-		if (!empty($attributes)) {
-			return true;
-		}
-
-		if ($this->reflector->hasAnnotation('PasswordConfirmationRequired')) {
-			$this->logger->debug($reflectionMethod->getDeclaringClass()->getName() . '::' . $reflectionMethod->getName() . ' uses the @' . 'PasswordConfirmationRequired' . ' annotation and should use the #[PasswordConfirmationRequired] attribute instead');
-			return true;
-		}
-
-		return false;
+	private function needsPasswordConfirmation(): bool {
+		return $this->reflector->hasAnnotationOrAttribute('PasswordConfirmationRequired', PasswordConfirmationRequired::class);
 	}
 
 	private function isPasswordConfirmationStrict(ReflectionMethod $reflectionMethod): bool {
diff --git a/lib/private/AppFramework/Middleware/SessionMiddleware.php b/lib/private/AppFramework/Middleware/SessionMiddleware.php
index b7b0fb118c2..84f6c4ddb45 100644
--- a/lib/private/AppFramework/Middleware/SessionMiddleware.php
+++ b/lib/private/AppFramework/Middleware/SessionMiddleware.php
@@ -14,7 +14,6 @@ use OCP\AppFramework\Http\Attribute\UseSession;
 use OCP\AppFramework\Http\Response;
 use OCP\AppFramework\Middleware;
 use OCP\ISession;
-use ReflectionMethod;
 
 class SessionMiddleware extends Middleware {
 	/** @var ControllerMethodReflector */
@@ -34,18 +33,7 @@ class SessionMiddleware extends Middleware {
 	 * @param string $methodName
 	 */
 	public function beforeController($controller, $methodName) {
-		/**
-		 * Annotation deprecated with Nextcloud 26
-		 */
-		$hasAnnotation = $this->reflector->hasAnnotation('UseSession');
-		if ($hasAnnotation) {
-			$this->session->reopen();
-			return;
-		}
-
-		$reflectionMethod = new ReflectionMethod($controller, $methodName);
-		$hasAttribute = !empty($reflectionMethod->getAttributes(UseSession::class));
-		if ($hasAttribute) {
+		if ($this->reflector->hasAnnotationOrAttribute('UseSession', UseSession::class)) {
 			$this->session->reopen();
 		}
 	}
@@ -57,18 +45,7 @@ class SessionMiddleware extends Middleware {
 	 * @return Response
 	 */
 	public function afterController($controller, $methodName, Response $response) {
-		/**
-		 * Annotation deprecated with Nextcloud 26
-		 */
-		$hasAnnotation = $this->reflector->hasAnnotation('UseSession');
-		if ($hasAnnotation) {
-			$this->session->close();
-			return $response;
-		}
-
-		$reflectionMethod = new ReflectionMethod($controller, $methodName);
-		$hasAttribute = !empty($reflectionMethod->getAttributes(UseSession::class));
-		if ($hasAttribute) {
+		if ($this->reflector->hasAnnotationOrAttribute('UseSession', UseSession::class)) {
 			$this->session->close();
 		}