I am looking for the path of least resistance for doing NTLM authentication in a Go HTTP request using the system credentials of the Windows user calling the application.

In C#/.NET, I would be able to achieve this through

WebRequest request = WebRequest.Create(url);
request.Credentials = CredentialCache.DefaultCredentials;
WebResponse response = request.GetResponse();
Stream receiveStream = response.GetResponseStream();

and in Python, the equivalent result can be obtained through

import win32com.client
h = win32com.client.Dispatch('WinHTTP.WinHTTPRequest.5.1')
h.SetAutoLogonPolicy(0)
h.Open('GET', url, False)
h.Send()

but I have not been able to find any resources on how to do the same thing in Go. I could of course use a library for NTLM authentication and manually provide a username/password, but the goal here is to avoid ever putting those in.

After digging into it a bit further, it looks like go-ole can be utilized to make use of WinHTTPRequest in the same way as the Python example in the question. Ignoring all error catching,

package main

import (
    "fmt"

    ole "github.com/go-ole/go-ole"
    "github.com/go-ole/go-ole/oleutil"
)

func main() {
    ole.CoInitialize(0)
    defer ole.CoUninitialize()
    unknown, _ := oleutil.CreateObject("WinHTTP.WinHTTPRequest.5.1")
    request, _ := unknown.QueryInterface(ole.IID_IDispatch)
    oleutil.CallMethod(request, "SetAutoLogonPolicy", 0)
    oleutil.CallMethod(request, "Open", "GET", "http://example.com", false)
    oleutil.CallMethod(request, "Send")
    resp := oleutil.MustGetProperty(request, "ResponseText")
    fmt.Println(resp.ToString())
}