I recall the following statement didn't provide enough implementation details:
CAS uses an HTTP GET request to pass the HTTP request parameters "pgtId" and "pgtIou" to the pgtUrl. These entities are discussed in Sections 3.3 and 3.4, respectively.
When working on the Shib-CAS plugin, I had to review CAS server source to fill in some blanks. I don't recall exactly what was unclear, but I believe it related to the exact mechanics of constructing the callback URL and what to do with the server-side identifiers on success.
Furthermore, the recommendation of extending user attributes is preferred to match the default impl: