I see your point, but I think the issue is that (I guess programmatically) sending a token through a password form is what can technically cause this to be similar to the RFC in question, but where I would personally not even try to make that comparison as I the thing I would be calling similar is already being abused.
In other words, you’re abusing the passive endpoint for a WS-Federation flow and really calling it programmatically as if it was more an active endpoint. It’s been a while since I worked with WS-* family, but I think if programmatic retrieval of assertions is needed this kind of steps more in the territory of WS-Trust than WS-federation passive authentication.