FIX: Use sessionKeysFile for Zot OIDC session encryption

- Change from hashKeyFile/blockKeyFile inside sessionDriver to
  sessionKeysFile at auth config level
- Update ExternalSecret to generate session-keys.json with both
  hashKey and encryptKey in correct JSON format
- Fix securecookie validation error during OIDC callback

zot/manifests/secret.yaml

@@ -61,12 +61,20 @@ spec:
   target:
     name: zot-session-keys
     creationPolicy: Owner
+    template:
+      engineVersion: v2
+      data:
+        session-keys.json: |
+          {
+            "hashKey": "{{ .hashKey }}",
+            "encryptKey": "{{ .encryptKey }}"
+          }
   data:
   - secretKey: hashKey
     remoteRef:
       key: zot
       property: SESSION_HASH_KEY
-  - secretKey: blockKey
+  - secretKey: encryptKey
     remoteRef:
       key: zot
       property: SESSION_BLOCK_KEY