InvalidMechanism exception hardcodes the list of auth mechanisms:
There are three problems with this list:
1. It's missing scram and scram256.
2. The set of accepted mechanisms depends on whether kerberos support is loaded. When kerberos support is not loaded, gssapi will be rejected and this message will be very confusing.
3. The mechanisms are supposed to be passed as symbols, which this message is not suggesting at all.