I'm trying to access a file that requires authentication using the UrlFetchApp function in google scripts, the code successfully logs onto the site, but using the received cookie doesn't allow access to further pages. I suspect I need to add and/remove some elements in the cookie but don't know how to modify it.

The browser sends the following headers back to the server when it accesses the page:

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.5
Connection: keep-alive
Cookie: userLang=en-GB; .ASPXAUTH=EA0D4BD7BB96D9152D865B70670B93ABB99EF2C1B8D75270D66AB467D5931C4BBE32F190AEF8BB0ADFB519D9C0F598033C2923451B1DE5A877F780C627AF5B27AB20DE2EC2AD71552B710BCB14BF47F6801AEADCDF2EA48BCC51ED05DB107B68DD1F17319CCB5DE03D27814FA142F6073527BDBC08BCD41056320F5E05A3B9A39B1E4E3A176B74F056DEA27DFFF74EA19C79E4BB4003644490D7337A519844BA8BF121CBEED197C584DB8AD4DA6122E6; 
ASP.NET_SessionId=5b0fwgqbsjjbutmifmw2e1jc; 
__RequestVerificationToken_L2FwcA2=3HFWt6okZixIdjZk2t0kzMp5vOhGbyHHnn3WekqAOM5sJe8OxzEfMOWyajXCb3SmpllSH88cioCLDYtM5y4fWsXkR5Y_G3DLggSAYduEDn81; 
_ga=GA1.2.457212881.1522914125; _gid=GA1.2.870864118.1522914125
Host: standing-order.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:59.0) 
Gecko/20100101 Firefox/59.0

The Cookie that I receive from a successful google scripts login looks like:

ASP.NET_SessionId=xw5ewo5c40nvxktozjblrbz4; path=/; HttpOnly, 
.ASPXBrowserOverride=; expires=Wed, 04-Apr-2018 11:00:16 GMT; path=/; 
HttpOnly, 
.ASPXAUTH=23B38F90FA07516DAA254704615AD4FF41EAECFBB9686004257650E0DECA6EB9B04C6A4FB6A5B72A585456D6328EC43F5309A801E14EAC95977208888801A18769F13D3FE39BAD362223FBD588D7519D11BAD8B3C14E09B95F89EAD9115B842B664DC020AB3F3FDDBB44EF585F39F5DF0431BA23B0F06B6294FBE5A2EC19CECDB4635F4FA833E3EF5A594CC065FAB90FB0DE8C6652AFACC8CF3C9D91DB0F3E203AF0A05A605BB4F48807B7DF6F844A63; 
path=/app/lbc; HttpOnly

I'm using the following snippet of code for authentication: (the above cookie is the "sessionDetails" variable)

var sessionDetails = response.getAllHeaders()['Set-Cookie'];

UrlFetchApp.fetch("https://website.com/...", 
                              {"headers" : {"Cookie" : sessionDetails},
                           "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
                           "Accept-Encoding": "gzip, deflate",
                           "Accept-Language": "en-US,en;q=0.5",
                           "Connection": "keep-alive",
                           "Host": "standing-order.com",
                           "Upgrade-Insecure-Requests": "1" 
                           }); 

Can anyone say which elements might be causing the problems with authentication, and how to modify the cookie to match?

I have found the responses in this thread helpful, but it hasn't solved the problem: Google Apps Script login to website with HTTP request

I don't know if this is the "right" way to do this, but I've been able to get this to work on a few different websites by using regex to extract the part of the cookie I need in order to match the cookie parameters sent by the browser. Apparently, you can leave out the expires=, path=, and HttpOnly bits.

function getCookieFromResponse(response) {
  var sessionDetails = response.getAllHeaders()['Set-Cookie'];
  if (!sessionDetails) {
    throw "No cookies found";
  };
  var cookie = "userLang=en-GB;" // The site seems to want this, but it's not in the response headers. It might not be necessary
  var searchResults = sessionDetails.match(/ASP\.NET_SessionId=[a-z0-9]+;/);  //modify as needed to match the cookies your browser sends
  if (searchResults) {
    cookie = cookie + searchResults[0];
  } else {
    throw "Login failed";
  }
  var searchResults2 = sessionDetails.match(/\.ASPXAUTH=[A-Z0-9]+;/);  //modify as needed to match the cookies your browser sends
  if (searchResults2) {
    cookie = cookie + searchResults2[0];
  } else {
    throw "Login failed";
  }
  return cookie;
}