diff --git a/core/ajax/update.php b/core/ajax/update.php
index dae08ad0882f9..48fe0b1fcc15f 100644
--- a/core/ajax/update.php
+++ b/core/ajax/update.php
@@ -52,7 +52,7 @@
 
 $l = \OC::$server->getL10N('core');
 
-$eventSource = \OC::$server->createEventSource();
+$eventSource = \OC::$server->get(IEventSource::class);
 // need to send an initial message to force-init the event source,
 // which will then trigger its own CSRF check and produces its own CSRF error
 // message
diff --git a/lib/private/Server.php b/lib/private/Server.php
index bb4e217efa3bb..507ebd46f2e44 100644
--- a/lib/private/Server.php
+++ b/lib/private/Server.php
@@ -1461,6 +1461,8 @@ public function __construct($webRoot, \OC\Config $config) {
 
 		$this->registerAlias(ISpeechToTextManager::class, SpeechToTextManager::class);
 
+		$this->registerAlias(\OCP\IEventSource::class, \OC_EventSource::class);
+
 		$this->connectDispatcher();
 	}
 
@@ -1922,16 +1924,6 @@ public function getHTTPClientService() {
 		return $this->get(IClientService::class);
 	}
 
-	/**
-	 * Create a new event source
-	 *
-	 * @return \OCP\IEventSource
-	 * @deprecated 20.0.0
-	 */
-	public function createEventSource() {
-		return new \OC_EventSource();
-	}
-
 	/**
 	 * Get the active event logger
 	 *
diff --git a/lib/private/legacy/OC_EventSource.php b/lib/private/legacy/OC_EventSource.php
index c733316050f49..cd72ba1f2d558 100644
--- a/lib/private/legacy/OC_EventSource.php
+++ b/lib/private/legacy/OC_EventSource.php
@@ -1,4 +1,7 @@
 <?php
+
+use OCP\IRequest;
+
 /**
  * @copyright Copyright (c) 2016, ownCloud, Inc.
  *
@@ -42,6 +45,12 @@ class OC_EventSource implements \OCP\IEventSource {
 	 */
 	private $started = false;
 
+	private IRequest $request;
+
+	public function __construct(IRequest $request) {
+		$this->request = $request;
+	}
+
 	protected function init() {
 		if ($this->started) {
 			return;
@@ -71,11 +80,11 @@ protected function init() {
 		} else {
 			header("Content-Type: text/event-stream");
 		}
-		if (!\OC::$server->getRequest()->passesStrictCookieCheck()) {
+		if (!$this->request->passesStrictCookieCheck()) {
 			header('Location: '.\OC::$WEBROOT);
 			exit();
 		}
-		if (!\OC::$server->getRequest()->passesCSRFCheck()) {
+		if (!$this->request->passesCSRFCheck()) {
 			$this->send('error', 'Possible CSRF attack. Connection will be closed.');
 			$this->close();
 			exit();
diff --git a/lib/public/IServerContainer.php b/lib/public/IServerContainer.php
index c69dab8b3c6fd..f438838b98e6c 100644
--- a/lib/public/IServerContainer.php
+++ b/lib/public/IServerContainer.php
@@ -395,15 +395,6 @@ public function getSearch();
 	 */
 	public function getCertificateManager();
 
-	/**
-	 * Create a new event source
-	 *
-	 * @return \OCP\IEventSource
-	 * @since 8.0.0
-	 * @deprecated 20.0.0 have it injected or fetch it through \Psr\Container\ContainerInterface::get
-	 */
-	public function createEventSource();
-
 	/**
 	 * Returns an instance of the HTTP client service
 	 *