This ticket is merely a question to start a discussion.

Currently, the library uses the following constructor for initialization (link):

public Builder(final byte[] secret) {

A shared secret is a byte sequence, also commonly represented as a Base32 string (example).

However, the builder constructor consumes neither of them, but instead a byte array which is a Base32 secret encoded with a standard charset (secret.getBytes(), e.g. here):

private final static String secret = "vv3kox7uqj4kyakohmzpph3us4cjimh6f3zknb5c2oobq6v2kiyhm27q";
...
TOTPGenerator generator = new TOTPGenerator.Builder(secret.getBytes()).withHOTPGenerator(builder -> {

It's unclear why it has to be like that, since the encoded-string secret is later converted to a correct shared secret anyway:

private final byte[] secret;
...
byte[] secretBytes = decodeBase32(secret);

I recently spent a few hours trying to understand why the library wasn't working when I was passing a correct shared secret to it.

This is confusing.

Would that be possible to add a javadoc explaining what should be passed as byte[] secret, or a Builder constructor consuming String secret, or...?

I could create a PR, but first I would like to have a conversation.