diff --git a/modules/saml2/lib/Message.php b/modules/saml2/lib/Message.php
index dc11c24a785f03efc4b5881fcab9180ac304cf7b..705bde06c42fd67259802c86d4f7d8a8f2686e01 100644
--- a/modules/saml2/lib/Message.php
+++ b/modules/saml2/lib/Message.php
@@ -667,6 +667,23 @@ class sspmod_saml2_Message {
 		}
 
 		/* As far as we can tell, the assertion is valid. */
+
+
+		/* Maybe we need to base64 decode the attributes in the assertion? */
+		if ($idpMetadata->getBoolean('base64attributes', FALSE)) {
+			$attributes = $assertion->getAttributes();
+			$newAttributes = array();
+			foreach ($attributes as $name => $values) {
+				$newAttributes[$name] = array();
+				foreach ($values as $value) {
+					foreach(explode('_', $value) AS $v) {
+						$newAttributes[$name][] = base64_decode($v);
+					}
+				}
+			}
+			$assertion->setAttributes($newAttributes);
+		}
+
 		return $assertion;
 	}