PierOne is a Docker registry in Clojure with S3 backend and OAuth support. I wrote swagger1st[0] which is used there. Swagger supports authorization definitions via scopes. Besides that, you can only define required basic auth or API key usage for authentication but not for authorisation.
Swagger defines various places, where you can add own x-* attributes to fill in your own logic if swagger is not expressive enough.
