diff --git a/lib/SimpleSAML/Auth/State.php b/lib/SimpleSAML/Auth/State.php
index 032d004733f5fb6536244fa3bb60375f8c862afc..b43f48f1b1b7242adb1e824aeab6e04e84c03642 100644
--- a/lib/SimpleSAML/Auth/State.php
+++ b/lib/SimpleSAML/Auth/State.php
@@ -389,7 +389,6 @@ class State
             $id = $_REQUEST[self::EXCEPTION_PARAM];
         }
 
-        /** @var array $state */
         $state = self::loadState($id, self::EXCEPTION_STAGE);
         Assert::keyExists($state, self::EXCEPTION_DATA);
 
diff --git a/lib/SimpleSAML/IdP/TraditionalLogoutHandler.php b/lib/SimpleSAML/IdP/TraditionalLogoutHandler.php
index e5b02908c62c31a37e43f891d3d05afb973ea6f7..fd1829e318b12d68756bbded1c4916306ce9e40a 100644
--- a/lib/SimpleSAML/IdP/TraditionalLogoutHandler.php
+++ b/lib/SimpleSAML/IdP/TraditionalLogoutHandler.php
@@ -107,7 +107,6 @@ class TraditionalLogoutHandler implements LogoutHandlerInterface
             throw new Error\Exception('RelayState lost during logout.');
         }
 
-        /** @psalm-var array $state */
         $state = Auth\State::loadState($relayState, 'core:LogoutTraditional');
 
         if ($error === null) {
diff --git a/lib/SimpleSAML/Utils/Attributes.php b/lib/SimpleSAML/Utils/Attributes.php
index af6edfb868fb98c17c3d65540122bcec6b3383d6..791e4da448141e747b170e55e8a21585d4b0627d 100644
--- a/lib/SimpleSAML/Utils/Attributes.php
+++ b/lib/SimpleSAML/Utils/Attributes.php
@@ -72,7 +72,6 @@ class Attributes
         $newAttrs = [];
         foreach ($attributes as $name => $values) {
             if (!is_string($name)) {
-                /** @var string $name */
                 $name = print_r($name, true);
                 throw new InvalidArgumentException(sprintf('Invalid attribute name: "%s".', $name));
             }
@@ -82,7 +81,6 @@ class Attributes
 
             foreach ($values as $value) {
                 if (!is_string($value)) {
-                    /** @var string $value */
                     $value = print_r($value, true);
                     throw new InvalidArgumentException(
                         sprintf('Invalid attribute value for attribute %s: "%s".', $name, $value)
diff --git a/modules/core/lib/Auth/UserPassBase.php b/modules/core/lib/Auth/UserPassBase.php
index 11f18f1d44de0affc33b0279f3cb0ade76a3ebb3..c8630b4bf2ce073d6a6f3475dbcbc94255e1516f 100644
--- a/modules/core/lib/Auth/UserPassBase.php
+++ b/modules/core/lib/Auth/UserPassBase.php
@@ -284,7 +284,6 @@ abstract class UserPassBase extends Auth\Source
     public static function handleLogin(string $authStateId, string $username, string $password): void
     {
         // Here we retrieve the state array we saved in the authenticate-function.
-        /** @var array $state */
         $state = Auth\State::loadState($authStateId, self::STAGEID);
 
         // Retrieve the authentication source we are executing.
diff --git a/modules/core/lib/Auth/UserPassOrgBase.php b/modules/core/lib/Auth/UserPassOrgBase.php
index aaed8a59a5bb237011e2fbcdeaaa2c877b3d9aa7..a85839859a17ab2c846b5a2d5a68e167ed7c0f7e 100644
--- a/modules/core/lib/Auth/UserPassOrgBase.php
+++ b/modules/core/lib/Auth/UserPassOrgBase.php
@@ -270,7 +270,6 @@ abstract class UserPassOrgBase extends Auth\Source
         string $organization
     ): void {
         /* Retrieve the authentication state. */
-        /** @var array $state */
         $state = Auth\State::loadState($authStateId, self::STAGEID);
 
         /* Find authentication source. */
@@ -330,7 +329,6 @@ abstract class UserPassOrgBase extends Auth\Source
     public static function listOrganizations(string $authStateId): ?array
     {
         /* Retrieve the authentication state. */
-        /** @var array $state */
         $state = Auth\State::loadState($authStateId, self::STAGEID);
 
         /* Find authentication source. */
diff --git a/modules/core/lib/Controller/Exception.php b/modules/core/lib/Controller/Exception.php
index b5a758c39dceb23473d721a8d5cd41ba0ac9b162..18067fb6c6df58cb0ac542fea502e5992b3e6685 100644
--- a/modules/core/lib/Controller/Exception.php
+++ b/modules/core/lib/Controller/Exception.php
@@ -65,9 +65,7 @@ class Exception
             throw new Error\BadRequest('Missing required StateId query parameter.');
         }
 
-        /** @var array $state */
         $state = Auth\State::loadState($stateId, 'core:cardinality');
-
         Logger::stats(
             'core:cardinality:error ' . $state['Destination']['entityid'] . ' ' . $state['saml:sp:IdP'] .
             ' ' . implode(',', array_keys($state['core:cardinality:errorAttributes']))
@@ -126,7 +124,6 @@ class Exception
             throw new Error\BadRequest('Missing required StateId query parameter.');
         }
 
-        /** @var array $state */
         $state = Auth\State::loadState($stateId, 'core:short_sso_interval');
 
         $continue = $request->query->get('continue', false);
diff --git a/modules/core/www/idp/logout-iframe-done.php b/modules/core/www/idp/logout-iframe-done.php
index ca1618dfcd4e5cef624f9b6e613a7e5424f6cea0..2e5c759b0711b1f56a7a16b929bce88b76c4b6b7 100644
--- a/modules/core/www/idp/logout-iframe-done.php
+++ b/modules/core/www/idp/logout-iframe-done.php
@@ -4,7 +4,6 @@ if (!isset($_REQUEST['id'])) {
     throw new \SimpleSAML\Error\BadRequest('Missing required parameter: id');
 }
 
-/** @psalm-var array $state */
 $state = \SimpleSAML\Auth\State::loadState($_REQUEST['id'], 'core:Logout-IFrame');
 $idp = \SimpleSAML\IdP::getByState($state);
 
diff --git a/modules/core/www/idp/logout-iframe.php b/modules/core/www/idp/logout-iframe.php
index 759e6fdf8b7f55417f25cbfbfae6aac341f0e0e4..34c5ae32e0c455670d4f9a99bc554c092ddbe418 100644
--- a/modules/core/www/idp/logout-iframe.php
+++ b/modules/core/www/idp/logout-iframe.php
@@ -18,7 +18,6 @@ if ($type !== 'embed') {
     \SimpleSAML\Stats::log('core:idp:logout-iframe:page', ['type' => $type]);
 }
 
-/** @psalm-var array $state */
 $state = \SimpleSAML\Auth\State::loadState($_REQUEST['id'], 'core:Logout-IFrame');
 $idp = \SimpleSAML\IdP::getByState($state);
 $mdh = \SimpleSAML\Metadata\MetaDataStorageHandler::getMetadataHandler();
diff --git a/modules/core/www/idp/resumelogout.php b/modules/core/www/idp/resumelogout.php
index 5f90c0bca8b2f7cff6b2f265b9cb7e40a7ebc2a9..656885f443fc98d166c3a7e48d043f8b8a74df1c 100644
--- a/modules/core/www/idp/resumelogout.php
+++ b/modules/core/www/idp/resumelogout.php
@@ -4,7 +4,6 @@ if (!isset($_REQUEST['id'])) {
     throw new \SimpleSAML\Error\BadRequest('Missing id-parameter.');
 }
 
-/** @psalm-var array $state */
 $state = \SimpleSAML\Auth\State::loadState($_REQUEST['id'], 'core:Logout:afterbridge');
 $idp = \SimpleSAML\IdP::getByState($state);
 
diff --git a/modules/core/www/loginuserpass.php b/modules/core/www/loginuserpass.php
index b770b889bcae057fdfd7f81975a3a017014a6678..45b6207c4aeecce1b41fcd7253a1701d13de7899 100644
--- a/modules/core/www/loginuserpass.php
+++ b/modules/core/www/loginuserpass.php
@@ -13,7 +13,6 @@ if (!array_key_exists('AuthState', $_REQUEST)) {
     throw new \SimpleSAML\Error\BadRequest('Missing AuthState parameter.');
 }
 $authStateId = $_REQUEST['AuthState'];
-/** @var array $state */
 $state = \SimpleSAML\Auth\State::loadState($authStateId, \SimpleSAML\Module\core\Auth\UserPassBase::STAGEID);
 
 /** @var \SimpleSAML\Module\core\Auth\UserPassBase|null $source */
diff --git a/modules/core/www/loginuserpassorg.php b/modules/core/www/loginuserpassorg.php
index 44f5d39c91cdec5e5475345d5fbe3e8396ffabd3..00bc014f183d5cf2ae183bded92ad871d6dadc02 100644
--- a/modules/core/www/loginuserpassorg.php
+++ b/modules/core/www/loginuserpassorg.php
@@ -14,7 +14,6 @@ if (!array_key_exists('AuthState', $_REQUEST)) {
 }
 $authStateId = $_REQUEST['AuthState'];
 
-/** @var array $state */
 $state = \SimpleSAML\Auth\State::loadState($authStateId, \SimpleSAML\Module\core\Auth\UserPassOrgBase::STAGEID);
 
 /** @var \SimpleSAML\Module\core\Auth\UserPassOrgBase $source */
diff --git a/modules/exampleauth/lib/Auth/Source/External.php b/modules/exampleauth/lib/Auth/Source/External.php
index 6e7d5166f7b526b5b6378b9908a9a89732aa4b16..39b7063ceea9839db938f0f929b4822c75377fa1 100644
--- a/modules/exampleauth/lib/Auth/Source/External.php
+++ b/modules/exampleauth/lib/Auth/Source/External.php
@@ -203,7 +203,6 @@ class External extends Auth\Source
          * Once again, note the second parameter to the loadState function. This must
          * match the string we used in the saveState-call above.
          */
-        /** @var array $state */
         $state = Auth\State::loadState($request->query->get('State'), 'exampleauth:External');
 
         /*
diff --git a/modules/exampleauth/lib/Controller/ExampleAuth.php b/modules/exampleauth/lib/Controller/ExampleAuth.php
index aed747526005e500030e2ba106c2fd9e56cf5e80..961fbfe6859a7e71ca718f9ca707f3a9ffe095ba 100644
--- a/modules/exampleauth/lib/Controller/ExampleAuth.php
+++ b/modules/exampleauth/lib/Controller/ExampleAuth.php
@@ -185,7 +185,6 @@ class ExampleAuth
             throw new Error\BadRequest('Missing required StateId query parameter.');
         }
 
-        /** @var array $state */
         $state = $this->authState::loadState($stateId, 'exampleauth:redirectfilter-test');
         $state['Attributes']['RedirectTest2'] = ['OK'];
 
diff --git a/modules/multiauth/lib/Controller/DiscoController.php b/modules/multiauth/lib/Controller/DiscoController.php
index 6f0694ae041887d1ad84d710d1d733e34253b770..09f577e9fc99acdb7cd132d183901eff8a0d27ca 100644
--- a/modules/multiauth/lib/Controller/DiscoController.php
+++ b/modules/multiauth/lib/Controller/DiscoController.php
@@ -103,7 +103,6 @@ class DiscoController
             throw new Error\BadRequest('Missing AuthState parameter.');
         }
 
-        /** @var array $state */
         $state = $this->authState::loadState($authStateId, MultiAuth::STAGEID);
 
         $as = null;
diff --git a/modules/saml/www/proxy/invalid_session.php b/modules/saml/www/proxy/invalid_session.php
index 5a95f2a78e40fb5f7c3f74819e6dbbf0a2bc54d1..5181da60efe2ee7f24394834ceceb95404f30965 100644
--- a/modules/saml/www/proxy/invalid_session.php
+++ b/modules/saml/www/proxy/invalid_session.php
@@ -15,11 +15,9 @@ if (!array_key_exists('AuthState', $_REQUEST)) {
 
 try {
     // try to get the state
-    /** @var array $state  State can never be null without a third argument */
     $state = \SimpleSAML\Auth\State::loadState($_REQUEST['AuthState'], 'saml:proxy:invalid_idp');
 } catch (\Exception $e) {
     // the user probably hit the back button after starting the logout, try to recover the state with another stage
-    /** @var array $state  State can never be null without a third argument */
     $state = \SimpleSAML\Auth\State::loadState($_REQUEST['AuthState'], 'core:Logout:afterbridge');
 
     // success! Try to continue with reauthentication, since we no longer have a valid session here
diff --git a/modules/saml/www/sp/discoresp.php b/modules/saml/www/sp/discoresp.php
index 28d855a7c04c114ff10375f481e3d083d3c0d838..5944cfae5b1dad4356d6ab046bdf8451c5fb63af 100644
--- a/modules/saml/www/sp/discoresp.php
+++ b/modules/saml/www/sp/discoresp.php
@@ -16,7 +16,6 @@ if (!array_key_exists('idpentityid', $_REQUEST)) {
     throw new Error\BadRequest('Missing idpentityid to discovery service response handler');
 }
 
-/** @var array $state */
 $state = Auth\State::loadState($_REQUEST['AuthID'], 'saml:sp:sso');
 
 // Find authentication source