vukoye / xmpp_dart

Lightweight XMPP client library written in Dart
Apache License 2.0
83 stars 64 forks

Hashed password storage for SCRAM #62

Open CalebSturges opened 3 years ago

CalebSturges commented 3 years ago

As is specified in XMPP's wiki, an added security and performance (less CPU time, memory usage, energy consumption and heat) feature is to store the user's clientKey instead of the password for future SCRAM authentication. I think creating an AuthInstance class would be the best way to go about it. AuthInstance could have the username, password, iterations and salt during initial authentication, but could save username, saltedPassword, clientKey, iterations and clippedSalt for future authentication. Saving the saltedPassword, iterations and clippedSalt allows the client to either respond in the case of changed future authentication (like if the server increased the iteration count) or check to see if the password storage was fully reset, which would change the salt. Only a clipped portion of the salt needs to be stored to see if the server changed the salt; this will make reversing the hash offline much harder. The repo would have an added parameter to the ScramSaslHandler or another function that takes AuthInstance as its argument.
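To make the proposal concrete, here is the SCRAM key derivation (RFC 5802 / RFC 7677) with the cache the issue describes, as an added example in Python. It is not code from xmpp_dart (which is Dart), and it does not model the library's ScramSaslHandler; the class and field names (AuthInstance, saltedPassword, clientKey, clippedSalt) are taken from the issue, while the password, salt, iteration counts and AuthMessage strings are constructed for the demo. It shows the two points the proposal rests on: a ClientProof can be produced from a cached ClientKey with no password, and a stored salt prefix plus iteration count is enough to tell whether that cached key still fits the server's challenge.

```python
import hashlib
import hmac
from dataclasses import dataclass

HASH = "sha256"  # SCRAM-SHA-256 (RFC 7677); "sha1" would give SCRAM-SHA-1


def hi(password: str, salt: bytes, iterations: int) -> bytes:
    """Hi() from RFC 5802 is PBKDF2-HMAC with dkLen equal to the hash length."""
    return hashlib.pbkdf2_hmac(HASH, password.encode("utf-8"), salt, iterations)


def h(data: bytes) -> bytes:
    return hashlib.new(HASH, data).digest()


def hmac_(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, HASH).digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


@dataclass(frozen=True)
class AuthInstance:
    """What the issue proposes caching after a successful exchange (names from the issue).

    The plaintext password is not kept; the ClientKey alone answers later challenges
    as long as the server still uses the same salt and iteration count.
    """
    username: str
    salted_password: bytes
    client_key: bytes
    iterations: int
    clipped_salt: bytes  # prefix of the salt only, kept to detect a server-side reset

    @classmethod
    def from_password(cls, username: str, password: str, salt: bytes,
                      iterations: int, clip: int = 4) -> "AuthInstance":
        salted = hi(password, salt, iterations)
        client_key = hmac_(salted, b"Client Key")
        return cls(username, salted, client_key, iterations, salt[:clip])

    def matches_challenge(self, salt: bytes, iterations: int) -> bool:
        """True if the cached ClientKey is still valid for this server challenge."""
        return (iterations == self.iterations
                and hmac.compare_digest(salt[:len(self.clipped_salt)], self.clipped_salt))


def client_proof(client_key: bytes, auth_message: bytes) -> bytes:
    """ClientProof = ClientKey XOR HMAC(StoredKey, AuthMessage); no password involved."""
    client_signature = hmac_(h(client_key), auth_message)
    return xor(client_key, client_signature)


def server_verify(stored_key: bytes, auth_message: bytes, proof: bytes) -> bool:
    """Server side: recover ClientKey from the proof and compare its hash to StoredKey."""
    client_signature = hmac_(stored_key, auth_message)
    recovered_client_key = xor(proof, client_signature)
    return hmac.compare_digest(h(recovered_client_key), stored_key)


def demo() -> dict:
    # Constructed values: a real server picks the salt and iteration count.
    username, password = "user", "pencil"
    salt, iterations = b"constructed-salt", 4096
    # The server keeps StoredKey = H(ClientKey) from registration, never the password.
    stored_key = h(hmac_(hi(password, salt, iterations), b"Client Key"))

    # Session 1: the client has the password, authenticates, and caches AuthInstance.
    cache = AuthInstance.from_password(username, password, salt, iterations)
    msg1 = b"n=user,r=cnonce1,r=cnonce1snonce1,s=salt,i=4096,c=biws,r=cnonce1snonce1"
    first_ok = server_verify(stored_key, msg1, client_proof(cache.client_key, msg1))

    # Session 2: same salt and iterations, so the cached ClientKey answers the challenge.
    msg2 = b"n=user,r=cnonce2,r=cnonce2snonce2,s=salt,i=4096,c=biws,r=cnonce2snonce2"
    reuse_ok = cache.matches_challenge(salt, iterations)
    second_ok = server_verify(stored_key, msg2, client_proof(cache.client_key, msg2))

    # Server raised the iteration count: the cache no longer fits; ask for the password.
    harder = cache.matches_challenge(salt, 8192)
    # Server reset the credential with a new salt: same outcome, detected from the prefix.
    reset = cache.matches_challenge(b"fresh-salt-value", iterations)
    # Using the stale ClientKey anyway produces a proof the server rejects.
    new_stored = h(hmac_(hi(password, b"fresh-salt-value", iterations), b"Client Key"))
    stale_ok = server_verify(new_stored, msg2, client_proof(cache.client_key, msg2))

    return {"first_ok": first_ok, "reuse_ok": reuse_ok, "second_ok": second_ok,
            "iterations_changed_fits": harder, "salt_reset_fits": reset,
            "stale_key_accepted": stale_ok}


if __name__ == "__main__":
    print(demo())
```

Note that the cache still holds a credential-equivalent secret: anyone who reads the ClientKey can authenticate as the user without cracking anything, so it belongs in the platform keystore, not a plain preferences file. What the scheme buys is that the cached material cannot be replayed against another service and cannot be turned back into the password without the full salt.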