I am looking for the path of least resistance for doing NTLM authentication in a Go HTTP request using the system credentials of the Windows user calling the application.
In C#/.NET, I would be able to achieve this through
WebRequest request = WebRequest.Create(url);
request.Credentials = CredentialCache.DefaultCredentials;
WebResponse response = request.GetResponse();
Stream receiveStream = response.GetResponseStream();
and in Python, the equivalent result can be obtained through
import win32com.client
h = win32com.client.Dispatch('WinHTTP.WinHTTPRequest.5.1')
h.SetAutoLogonPolicy(0)
h.Open('GET', url, False)
h.Send()
but I have not been able to find any resources on how to do the same thing in Go. I could of course use a library for NTLM authentication and manually provide a username/password, but the goal here is to avoid ever putting those in.
After digging into it a bit further, it looks like go-ole can be utilized to make use of WinHTTPRequest in the same way as the Python example in the question. Ignoring all error catching,
package main
import (
"fmt"
ole "github.com/go-ole/go-ole"
"github.com/go-ole/go-ole/oleutil"
)
func main() {
ole.CoInitialize(0)
defer ole.CoUninitialize()
unknown, _ := oleutil.CreateObject("WinHTTP.WinHTTPRequest.5.1")
request, _ := unknown.QueryInterface(ole.IID_IDispatch)
oleutil.CallMethod(request, "SetAutoLogonPolicy", 0)
oleutil.CallMethod(request, "Open", "GET", "http://example.com", false)
oleutil.CallMethod(request, "Send")
resp := oleutil.MustGetProperty(request, "ResponseText")
fmt.Println(resp.ToString())
}