it seems there are few things that would need to be changed:
remove the need to acquire a token before calling the service
allow for a GET call instead of a POST call (we once looked at allowing POST calls too but this proved too problematic in combination with Shibbolized services)
For the rest it would be a matter of looking into the details described at:
Suggested by Friedel, see https://hlt.nwu.ac.za/
my first response by mail: