
Bug in SCRAM implementation #550

@tmolitor-stud-tu

Your SCRAM implementation is not RFC conformant: https://github.com/maranda/metronome/blob/development/util/sasl/scram.lua#L204

RFC 5802 section 5.1 (last bullet point) states:

"Unknown optional extensions MUST be ignored upon receipt."

Only mandatory options should result in an error, if unsupported by one party. To quote the RFC again:

Mandatory extensions sent by one peer but not understood by the
other MUST cause authentication failure (the server SHOULD send
the "extensions-not-supported" server-error-value).
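The distinction quoted above, as an added example that is not part of the original issue and not Metronome's code (written in Python rather than the project's Lua; the function and class names are hypothetical, and the sample messages in the comments are constructed). It parses a `client-first-message-bare`, skips unknown optional attributes, and fails only on the reserved mandatory attribute `m`:

```python
import re


class ScramError(Exception):
    """Carries the server-error-value to send back to the client."""

    def __init__(self, server_error):
        super().__init__(server_error)
        self.server_error = server_error


def parse_client_first_bare(bare):
    """Parse [m=...,] n=<saslname>, r=<nonce> [, <extensions>] (RFC 5802 section 7).

    Constructed sample input: "n=user,r=fyko+d2lbbFgONRv9qkxdawL,x=future"
    """
    fields = bare.split(",")

    # A mandatory extension, if present, is the first attribute ("m=...").
    # This example understands none, so authentication must fail.
    if fields[0].startswith("m="):
        raise ScramError("extensions-not-supported")

    if len(fields) < 2 or not fields[0].startswith("n=") or not fields[1].startswith("r="):
        raise ScramError("other-error")
    saslname, nonce = fields[0][2:], fields[1][2:]
    if not saslname or not nonce:
        raise ScramError("other-error")

    ignored = []
    for field in fields[2:]:
        # Each extension is attr-val: one ASCII letter, "=", a non-empty value.
        match = re.fullmatch(r"([A-Za-z])=(.+)", field)
        if match is None:
            raise ScramError("other-error")
        if match.group(1) == "m":
            # "m" is reserved; its presence anywhere causes failure.
            raise ScramError("extensions-not-supported")
        # Unknown optional extension: record it and carry on.
        ignored.append(match.group(1))

    return {
        "saslname": saslname,  # still escaped (=2C / =3D), not decoded here
        "nonce": nonce,
        "ignored_extensions": ignored,
        # AuthMessage is computed over the bare message exactly as received,
        # so ignored extensions must not be stripped from it.
        "auth_bare": bare,
    }
```

Ignoring an extension applies to parsing only: the unmodified bare message still has to go into the AuthMessage, otherwise the client's proof will not verify.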
